[cisco-voip] Planning to Migrate a CUCM 7.1 to a new CUCM 8.6 Cluster with Security turned on
rschuknecht at gmx.de
rschuknecht at gmx.de
Tue Nov 8 06:53:17 EST 2011
Wes,
thanks for info. We will give it another try. I will let you how it went.
/Robert
-------- Original-Nachricht --------
> Datum: Mon, 7 Nov 2011 18:20:58 -0500
> Von: Wes Sisk <wsisk at cisco.com>
> An: rschuknecht at gmx.de
> CC: cisco-voip at puck.nether.net
> Betreff: Re: [cisco-voip] Planning to Migrate a CUCM 7.1 to a new CUCM 8.6 Cluster with Security turned on
> A few things stand out here. Hopefully Jason will chime in with whatever
> I miss on the security aspects.
> * Centralized TFTP requires using the *newest* version as the centralized
> TFTP: CSCsq48448 CCM SRND centralized TFTP needs to require central TFTP
> be highest ver
>
> I believe we summarized the process this way:
>
> pre 8.0 security with hardware etoken
> • update old cluster CTL to include new cluster TFTP server. sign old
> CTL with etoken
> • should not be necessary if new cluster CTL file is signed by the
> same eToken
> • Late (9.x?) TNP phones will trust new TFTP because signed with same
> hardware etoken(unverified)
> • Older phone loads require updating CTL to include new TFTP server
> • restart TFTP old cluster to reload CTL file into cache
> • reset phones on old cluster and verify CTL download
> • use same hardware etoken on new cluster. just sign CTL file with
> same eToken. enabling security is not required.
> • for pre-8.x to 8.x just use same eToken to sign CTL on 8.x cluster
> • is there a way to accomplish this without generating CTL file? No.
> CTL files are 'permanent'. would require touching every phone to delete
> CTLs. No "migration" to ITL's
> • if CTL file in old cluster then *must* generate CTL in new cluster
> • point phones to new cluster
>
> Regards,
> Wes
>
>
> On Nov 7, 2011, at 7:39 AM, rschuknecht at gmx.de wrote:
>
> Hi List,
>
> I am currently planning a CUCM Migration from Version 7.1.5 to Version
> 8.6, on new Hardware. The old cluster has security turned on (CTL Client an
> E-Token). What makes more difficult is, we have to use the old Publisher as
> an centralized TFTP Server for both, the old 7.1.5 and the new 8.6 Cluster.
>
> I thought it should be possible by doing it this way:
>
> - Define the 8.6 TFTP-Server as alternate TFTP on the old Server
> - Run the CTL-Client on the old Cluster and put the new TFTP Server in the
> CTL File
> - Run the CTL-CLient on the new Cluster and add the old TFTP Server
> - Configure the new Cluster with all Phones
> - Delete the Phones on the old Cluster (Change MAC Add.)
>
> But in this scenario the Phones would not register to the new Cluster?
>
> Now i am looking for a strategy to configure it correctly. Any information
> and help is more than welcome.
>
> /Robert
> --
> NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!
> Jetzt informieren: http://www.gmx.net/de/go/freephone
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
--
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de
More information about the cisco-voip
mailing list