Security

 View Only
Back to discussions
Expand all | Collapse all

Hardware Upgrade: ClearPass C3000 DL360 Gen9 to C3010 Gen10

This thread has been viewed 9 times

  • 1.  Hardware Upgrade: ClearPass C3000 DL360 Gen9 to C3010 Gen10

    Posted Mar 25, 2025 06:03 AM

    Hello

    We are planning to upgrade our ClearPass cluster (30 nodes) from current C3000 model to C3010 Gen10 as C3000 has its reached EoSL.

    What would be the important steps to be followed for upgradation process considering the firmware version running now is 6.11.10?

    Do we have any documentation that could be referred?



  • 2.  RE: Hardware Upgrade: ClearPass C3000 DL360 Gen9 to C3010 Gen10

    Posted Mar 25, 2025 07:19 AM

    Hi

    Didn't you just ask this question in this forum post? There are no differences depending on the server models.
    https://community.arubanetworks.com/discussion/how-to-upgrade-clearpass-cluster-from-c3000-dl360-gen9-to-n3000-1g-hardware-appliance-current-version-611

    As you have 30 nodes in the cluster you are very close to the maximum allowed number of cluster members (32).

    So with this in mind you have to more or less replace the cluster nodes one by one if you are replacing within the same cluster. If you create a completely new cluster in parallel you can build the new cluster without impact on the current cluster.

    As this will take quite some time, I would personally opt for the first option to replace cluster nodes one by one. With that number of nodes in the cluster I assume there are good redundancy.

    If that's true you can follow the following major steps for each server:

    • Prepare the new server
    • Start with another IP on the server, upgrade/update as needed to 6.11.10
    • Drop the old server from the cluster, power off
    • Change IP(s) on the new server to the IP(s) of the old server
    • Make sure the database certificate has been updated with the new management IP in the SAN. This will be done automatically, but can take some time
    • Configure any local settings such as routing, hardening, service parameters etc manually
    • Make the new server a subscriber to the publisher


    ------------------------------
    Best Regards
    Jonas Hammarbäck
    MVP Guru, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security
    Aranya AB
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------

    Original Message


Related Content