Occasional Contributor II

Migrating CPPM to new hardware

We are currently running a CPPM 6.7.1 cluster on C3000 hardware platform. We are in the planning-process of migrating these two servers to our Hyper-V (VMM) virtual environment. We think the hardware recommendments of the 25k virtual servers are insane, but I guess theres nothing to do with that.


The plan is to install a brand new 6.8/6.9 cluster, with new IP-adresses, and export/import the config from the existing cluster, and do some config improvement (too many policyes, too many settings not in use anymore.
From what I can see, the following settings will have to be configured all over again after the config-import:


  • Certificates (both radius and captive portal)
  • Active directory connections
  • IP-addresses
  • Licenses
  • Custom captive portal skin


It would be a much easier task to use the same IP-addresses/cluster all over again. Then we could just add servers to the existing cluster, and turn off the hardware hosts when done. I guess most of the configuration above would still be there as well.
The problem with that approach is that we would have to use the new cluster for all our wireless controllers, radius/8021x enabled switches, airwave etc at the same time - while we want to do a "controlled migration", over a month or so.


What do you experts think of this migration plan? Is this a good way to do it, or have I missed something?
Any comments will be much appreciated!

MVP Expert

Re: Migrating CPPM to new hardware

You should consider deploying the new ClearPass cluster running the same version as your production environment , that way you can perform the backup/restore with no issues and then upgrade to the desire version you want to run on the new Cluster.

The certificates will not be included in the backup so make sure you have the private key and private password.

Configure a test SSID for Guest / 802.1X and validate that everything works as expected prior to the migration.

Sent from Mail for Windows 10
Thank you

Victor Fabian
Lead Mobility Architect @WEI

Re: Migrating CPPM to new hardware

Agree to Victor here. It is not recommended to restore 6.7.1 backup on 6.8/6.9. We might run into some issue.
Best practice would be restore on same code and upgrade.


If my post helped you, don't forget to give kudos ;)
MVP Expert
MVP Expert

Re: Migrating CPPM to new hardware

Agree with Vishnu




Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.
Search Airheads
Showing results for 
Search instead for 
Did you mean: