[cisco-voip] Planning to Migrate a CUCM 7.1 to a new CUCM 8.6 Cluster with Security turned on

rschuknecht at gmx.de rschuknecht at gmx.de
Tue Nov 8 06:53:17 EST 2011


Wes,

thanks for info. We will give it another try. I will let you how it went.

/Robert
-------- Original-Nachricht --------
> Datum: Mon, 7 Nov 2011 18:20:58 -0500
> Von: Wes Sisk <wsisk at cisco.com>
> An: rschuknecht at gmx.de
> CC: cisco-voip at puck.nether.net
> Betreff: Re: [cisco-voip] Planning to Migrate a CUCM 7.1 to a new CUCM 8.6 Cluster with Security turned on

> A few things stand out here.  Hopefully Jason will chime in with whatever
> I miss on the security aspects.
> * Centralized TFTP requires using the *newest* version as the centralized
> TFTP: CSCsq48448    CCM SRND centralized TFTP needs to require central TFTP
> be highest ver
> 
> I believe we summarized the process this way:
> 
> pre 8.0 security with hardware etoken
> 		• update old cluster CTL to include new cluster TFTP server. sign old
> CTL with etoken
> 			• should not be necessary if new cluster CTL file is signed by the
> same eToken
> 			• Late (9.x?) TNP phones will trust new TFTP because signed with same
> hardware etoken(unverified)
> 			• Older phone loads require updating CTL to include new TFTP server
> 		• restart TFTP old cluster to reload CTL file into cache
> 		• reset phones on old cluster and verify CTL download
> 		• use same hardware etoken on new cluster.  just sign CTL file with
> same eToken.  enabling security is not required.
> 			• for pre-8.x to 8.x just use same eToken to sign CTL on 8.x cluster
> 			• is there a way to accomplish this without generating CTL file? No.
> CTL files are 'permanent'. would require touching every phone to delete
> CTLs. No "migration" to ITL's
> 			• if CTL file in old cluster then *must* generate CTL in new cluster
> 			• point phones to new cluster
> 
> Regards,
> Wes
> 
> 
> On Nov 7, 2011, at 7:39 AM, rschuknecht at gmx.de wrote:
> 
> Hi List,
> 
> I am currently planning a CUCM Migration from Version 7.1.5 to Version
> 8.6, on new Hardware. The old cluster has security turned on (CTL Client an
> E-Token). What makes more difficult is, we have to use the old Publisher as
> an centralized TFTP Server for both, the old 7.1.5 and the new 8.6 Cluster.
> 
> I thought it should be possible by doing it this way:
> 
> - Define the 8.6 TFTP-Server as alternate TFTP on the old Server
> - Run the CTL-Client on the old Cluster and put the new TFTP Server in the
> CTL File
> - Run the CTL-CLient on the new Cluster and add the old TFTP Server
> - Configure the new Cluster with all Phones
> - Delete the Phones on the old Cluster (Change MAC Add.)
> 
> But in this scenario the Phones would not register to the new Cluster? 
> 
> Now i am looking for a strategy to configure it correctly. Any information
> and help is more than welcome.
> 
> /Robert
> -- 
> NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
> Jetzt informieren: http://www.gmx.net/de/go/freephone
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
> 
> 

-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de


More information about the cisco-voip mailing list