[cisco-voip] Planning to Migrate a CUCM 7.1 to a new CUCM 8.6 Cluster with Security turned on

Wes Sisk wsisk at cisco.com
Mon Nov 7 18:20:58 EST 2011 

A few things stand out here.  Hopefully Jason will chime in with whatever I miss on the security aspects.
* Centralized TFTP requires using the *newest* version as the centralized TFTP: CSCsq48448    CCM SRND centralized TFTP needs to require central TFTP be highest ver

I believe we summarized the process this way:

pre 8.0 security with hardware etoken
		• update old cluster CTL to include new cluster TFTP server. sign old CTL with etoken
			• should not be necessary if new cluster CTL file is signed by the same eToken
			• Late (9.x?) TNP phones will trust new TFTP because signed with same hardware etoken(unverified)
			• Older phone loads require updating CTL to include new TFTP server
		• restart TFTP old cluster to reload CTL file into cache
		• reset phones on old cluster and verify CTL download
		• use same hardware etoken on new cluster.  just sign CTL file with same eToken.  enabling security is not required.
			• for pre-8.x to 8.x just use same eToken to sign CTL on 8.x cluster
			• is there a way to accomplish this without generating CTL file? No. CTL files are 'permanent'. would require touching every phone to delete CTLs. No "migration" to ITL's
			• if CTL file in old cluster then *must* generate CTL in new cluster
			• point phones to new cluster

Regards,
Wes


On Nov 7, 2011, at 7:39 AM, rschuknecht at gmx.de wrote:

Hi List,

I am currently planning a CUCM Migration from Version 7.1.5 to Version 8.6, on new Hardware. The old cluster has security turned on (CTL Client an E-Token). What makes more difficult is, we have to use the old Publisher as an centralized TFTP Server for both, the old 7.1.5 and the new 8.6 Cluster.

I thought it should be possible by doing it this way:

- Define the 8.6 TFTP-Server as alternate TFTP on the old Server
- Run the CTL-Client on the old Cluster and put the new TFTP Server in the CTL File
- Run the CTL-CLient on the new Cluster and add the old TFTP Server
- Configure the new Cluster with all Phones
- Delete the Phones on the old Cluster (Change MAC Add.)

But in this scenario the Phones would not register to the new Cluster? 

Now i am looking for a strategy to configure it correctly. Any information and help is more than welcome.

/Robert
-- 
NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
Jetzt informieren: http://www.gmx.net/de/go/freephone
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

More information about the cisco-voip mailing list