Remember when you do a migrate export (upgrade_export), you are in fact getting it from the Management, no matter, there is a gateway on the same box, from the application stand point, they are separate entities, no matter, they reside on the same box.
Now, I had to do that stand-alone to distributed change a couple of times in the past (quite a while ago), but I remember it was not so complicated: - Export the config to the new Management and when the config comes up in the Dashbord, just remove all gateway features from the old standalone object, leave the Management part and use the "convert to host" option available when doing a right-click on the object. It is possible you might have to remove the old object from some spots in the config, before it allows you to convert it to the new separate Management object. - Once the gateway servers are installed and configured properly, create the new cluster object establishing SIC and put this object in the required spots (f.e the install-on column of the rules, VPN communities, etc.) and finally install policy. This is a very simplified explanation and you might bump into a few rough edges, but as I remember it, it was not so hard to figure out how to get around them and finish the change. Regards On Mon, Sep 10, 2012 at 7:42 AM, r locus <rlocus2...@gmail.com> wrote: > I have a dell PowerEdge running Gaia R75.04 that is a security > gateway and security management server. I need to turn this into a > distributed deployment with security gateway cluster and security > management server on different computer. What is the best method to > do this? How do I get all my rules and objects setup on the new > management server without creating all the objects manually? If I > use upgrade_import then the gateway is still really setup as gateway > and management on one server. Should I use cluster XL? > > > Thank you, > > rlocus > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to lists...@amadeus.us.checkpoint.com > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > fw-1-ow...@ts.checkpoint.com > ================================================= > -- Sergio Alvarez CISSP | CCSE+ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to lists...@amadeus.us.checkpoint.com in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email fw-1-ow...@ts.checkpoint.com ================================================= Scanned by Check Point Total Security Gateway.