5.2 Upgrade Scenarios

The Table 5-1 contains a list of upgrade scenarios available for SSL VPN along with the procedure to upgrade the server.

Table 5-1 Upgrade Scenarios

Serial Number

Installation Scenario

Upgrade Procedure

1

Traditional SSL VPN, Identity Server, and the Administration Console on the same machine; Linux Access Gateway on a separate machine

The SSL VPN 3.0 version cannot coexist with other Novell Access Manager components that are running the 3.1 version. When SSL VPN is installed along with the other Novell Access Manager component on the same machine, the SSL VPN server is automatically upgraded to 3.1. For more information, see Upgrading the Identity Server in the Novell Access Manager 3.1 SP1 Installation Guide.

2

Traditional SSL VPN, Identity Server, Linux Access Gateway, and Administration Console on separate machines

To upgrade the SSL VPN server that is installed on a separate machine, see Section 5.3, Upgrading SSL VPN Installed on a Separate Machine.

3

Traditional SSL VPN and the Identity server on the same machine; Administration Console and Linux Access Gateway on separate machines

When SSL VPN is installed along with the Identity Server on the same machine, the SSL VPN server is automatically upgraded to 3.1. For more information, see Upgrading the Identity Server in the Novell Access Manager 3.1 SP1 Installation Guide.

4

Traditional SSL VPN and the Administration Console on same machine, Identity Server, Linux Access Gateway on a separate machine

When SSL VPN is installed along with the Administration Console, on the same machine, the SSL VPN server is automatically upgraded to 3.1. For more information, see Upgrading the Administration Console in the Novell Access Manager 3.1 SP1 Installation Guide.

5

Traditional SSL VPN and the Linux Access Gateway on the same machine, Administration Console and Identity Server on separate machines

When SSL VPN is installed along with the Linux Access Gateway, on the same machine, the SSL VPN server is automatically upgraded to 3.1. For more information, see Upgrading the Linux Access Gateway Appliance.

6

Move from Traditional Novell SSL VPN 3.0 to ESP-enabled SSL VPN 3.1

If you have installed the Traditional Novell SSL VPN server and want to move to the ESP-enabled SSL VPN, you cannot upgrade the server directly. You need to install the ESP-enabled SSL VPN on a separate machine and then import the traffic policies from the 3.0 Traditional SSL VPN into the 3.1 ESP-enabled SSL VPN. For more information, see Section 5.4, Migrating a Traditional SSL VPN Server to the ESP-Enabled Version.

7

Upgrade traditional SSL VPN servers clustered in the 3.0 version by using config.txt or the server persistent method through Linux Access Gateway.

If you have configured a cluster of SSL VPN servers in 3.0 by using the config.txt file or though the Linux Access Gateway do one of the following:

  • If the config.txt file is used to cluster SSL VPN, all configuration details in the file are lost after you upgrade to 3.1. SSL VPN 3.1 does not support the using the config.txt file. After upgrading the server, you must reconfigure the SSL VPN cluster with the help of an L4 server. For more information, see Section IV, Clustering the High Bandwidth SSL VPN Servers.

  • If you clustered SSL VPN by using the Linux Access Gateway, your cluster configuration continues to work. You also have an option to cluster SSL VPN with the help of an L4 server. For more information, see Section IV, Clustering the High Bandwidth SSL VPN Servers