A question, I hear very often. How to migrate ClearPass to a new server? The reason can be, you have reached the end of the evaluation phase and want to use the evaluation installation for production, but you need to change the specs. Or you need to upgrade the specs of your appliance to meet the new needs. If you are running a cluster environment, this is quite easy, simply start a new subscriber. But if you have only one ClearPass server or you need to replace the running server, this post will guide you.
I assume, you have ClearPass up and running and you need to migrate ClearPass to a new server with the same IP on a new hardware platform or within a new VM.
Migrate ClearPass: Backup the Existing Server
The first step is to backup any data on the existing server.Make also sure, that you have license key handy or save the key from the old server as well. Start with the backup. Login to ClearPass and go to “Administration–>Server Manager–>Server Configuration” and click the “Backup” button:
Press the “Start” button and wait until the backup process is complete. Now, download the backup file:
Save the certificates for ClearPass server as well. Go to “Administration–>Certificates–>Server Certificate” and export both, the “Radius Server Certificate” and the “HTTPS Server Certificate”:
Keep all the files save.
Migrate ClearPass: Prepare the new Server
Install the new server and follow the normal installation process. When it comes to the IP configuration, make sure, the old server is down. Configure the old server IP to the new server.
After the server configuration use the web interface to install the license key:
Afterward, enter the “Subscription ID”. Go to “Administration–>Agents and Software Updates–>Software Updates”:
Install all updates to the same version as the old ClearPass server. This could take some time, depending on the internet connection. While the server downloads the update, you can install the licenses to your server. Go to “Administration–>Server Manager–>Licensing” and click the “Add License” button:
After the update is done and the new server has the same version as the old one, restore the backup to the new server. Go to “Administration–>Server Manager–>Server Configuration” and click the “Restore” button:
Restore the server certificates as well. Go to “Administration–>Certificates–>Server Certificate” and “Import Server Certificate”:
The “Private Key Password” is the one, you create during initial creation of the certificate.
The last step is to join the domain if ClearPass was joined to a domain. Go to “Administration–>Server Manager–>Server Configuration” and click on the server to open the server configuration. On the bottom of the page, there is the “Join AD” button:
Afterward, all steps are done and your ClearPass server runs on the new server.
If have any questions about this topic or if you would like to give feedback, please use the comment function below.