The VPN configuration migration tool migrates the BorderManager Enterprise Edition 3.6 and Novell BorderManager 3.7 configuration to a Novell BorderManager 3.8 VPN configuration. This takes place when you install Novell BorderManager 3.8 over an earlier version of BorderManager. This tool also works outside of Novell BorderManager install. For that information refer to Upgrading a VPN from a Previous Version.
The VPN migration tool reads earlier BorderManager VPN configurations from their respective locations (configuration files or eDirectory) and automatically converts the information to Novell BorderManager 3.8-compatible VPN configuration.
The tool creates the following items:
Master or Slave Server Configuration: The public IP address, tunnel IP address, IPX address, and their respective IP masks are read from the configuration files and migrated. The migration tool also reads the Novell eDirectory information on the server role and enabled services and migrates them. It creates all other Novell BorderManager 3.8-compatible attributes and attaches the server certificate and trusted root container.
Site-to-Site Service: The tool creates site-to-site traffic rules and migrates the protected networks and host, as well as other Novell BorderManager 3.8-compatible attributes. It migrates attributes like ServiceEnabled vpnConnProperties, pnConfigConnectTimeout, VpnConfigResponseTimeout, serviceHosts, serviceIdentifier and vpnConfigInterval. If the server is a master, the tool creates the site-to-site object and adds the site-to-site member entry. If the server is a slave, it does not create the object in the members list of the master.
Client-to-Site Service: The tool creates the client-to-site object for both master as well as slave servers. It migrates the traffic rules, protected networks and creates the default authentication rule. It also creates the other Novell BorderManager 3.8-compatible attributes.
Server Certificates: The migration tool creates the server certificate with the name VpnServCert, appending the server name.
Trusted Root Containers: The migration tool creates the Trusted Roots Containers with the name TrustedRoot, appending the server name.
Trusted Root Objects: The migration tool creates the Trusted Root Object with the name TRO, appending the server name.
SCM Service Object: The migration tool creates the SCM service object.
To implement this component, upgrade all the nodes. If only one node is upgraded, add the keys from the NWAdmn member list.