Upgrade time: about three minutes.
You can upgrade SSL VPN to 3.1 SP5 version from 3.1 SP4 version.
You can upgrade the Traditional SSL VPN server to the 3.1 SP5 version of the Traditional SSL VPN server. You cannot upgrade the Traditional Novell SSL VPN server to the ESP-enabled SSL VPN. However, you can perform a new installation of ESP-enabled version of SSL VPN and then migrate traffic policies that you configured for the traditional SSL VPN to the ESP-enabled SSL VPN.
Make sure that you have done the following before you proceed with the upgrade:
Download the relevant upgrade file from Novell and extract the file. For the actual filename, see the Readme.
Upgrade the Administration Console, Identity Server, and Access Gateway Appliance before upgrading SSL VPN servers that are installed on separate machines.
If the SSL VPN server was installed with the other Access Manager components, the SSL VPN server is automatically upgraded along with the other components.
If you have installed high bandwidth SSL VPN, make sure you download and install the high bandwidth SSL VPN RPM. SSL VPN has a high bandwidth RPM that needs to be installed once to get its capabilities. This RPM should be installed before upgrading the SSL VPN server. For information on how to install the high bandwidth SSL VPN RPM, see Section 7.3, Installing the Key for the High-Bandwidth SSLVPN.
The Access Manager Administration Console must be up and running before you begin upgrading SSL VPN servers. Do not perform any configuration tasks in the Administration Console during an SSL VPN Server upgrade
If you have customized the SSL VPN user interface, make a backup of the customized sslvpnclient.jsp file, then save it as /var/opt/novell/tomcat5/webapps/sslvpnsslvpnclient.jsp.rpmsave file. If a file with that name already exists, then either delete or move the existing file to another location before saving the current .jsp file. See Customizing the SSL VPN User Interface
in the NetIQ Access Manager 3.1 SP5 SSL VPN Server Guide.
Table 8-1 contains a list of upgrade scenarios available for SSL VPN, along with the procedure to upgrade the server.
Table 8-1 Upgrade Scenarios
|
Installation Scenario |
Upgrade Procedure |
|---|---|
|
Traditional SSL VPN, Identity Server, and the Administration Console on the same machine; Linux Access Gateway on a separate machine |
The SSL VPN 3.1 SP5 version cannot coexist with other Novell Access Manager components that are running the 3.1 SP4 version. When SSL VPN is installed along with the other Novell Access Manager component on the same machine, the SSL VPN server is automatically upgraded to 3.1 SP5. For more information, see Section 8.5, Upgrading the Identity Server. |
|
Traditional SSL VPN, Identity Server, Linux Access Gateway, and Administration Console on separate machines |
To upgrade an SSL VPN server that is installed on a separate machine, see Section 8.8.3, Upgrading SSL VPN Installed on a Separate Machine. |
|
Traditional SSL VPN and the Identity server on the same machine; Administration Console and Linux Access Gateway on separate machines |
When SSL VPN is installed along with the Identity Server on the same machine, the SSL VPN server is automatically upgraded to 3.1 SP5. For more information, see Section 8.5, Upgrading the Identity Server. |
|
Traditional SSL VPN and the Administration Console on same machine, Identity Server, Linux Access Gateway on a separate machine |
When SSL VPN is installed along with the Administration Console on the same machine, the SSL VPN server is automatically upgraded to 3.1 SP5. For more information, see Section 8.4, Upgrading the Administration Console. |
|
Traditional SSL VPN and the Linux Access Gateway on the same machine, Administration Console and Identity Server on separate machines |
When SSL VPN is installed along with the Linux Access Gateway on the same machine, the SSL VPN server is automatically upgraded to 3.1 SP5. For more information, see Section 8.6, Upgrading the Linux Access Gateway Appliance. |
Upgrade the Administration Console, Identity Server, and Linux Access Gateways before you proceed with upgrading the SSL VPN server.
Download the upgrade file from Novell and extract the file.
One of the extracted files contains the Administration Console, the Identity Server, and SSL VPN. For the actual filename, see the Readme.
Unpack the tar.gz file by using the following command:
tar -xzvf <filename>
For this installation, you need to unpack the Identity Server .tar.gz file, which contains the SSL VPN files.
Log in as the root user.
Open the unpacked Identity Server file, and enter the following at the terminal window:
./install.sh
When you are prompted to install a product, type 3 to select SSL VPN, then press the Enter key.
The system detects whether an SSL VPN Server is installed, and prompts you whether to upgrade.
Type , then press the Enter key.
Review and enter to accept the License Agreement.
(Conditional) If the SSL VPN machine has been configured with multiple IP address, select an IP address for the SSL VPN server when you are prompted to do so.
Press Enter to accept the current Administration Console IP address.
Specify the name of the administrator for the Administration Console.
Specify the administration password.
Confirm the password, then wait as the system installs the components. This will take several minutes.
(Conditional) View the log files.
The log file is located in the /tmp/novell_access_manager/inst_lag.log file. These log files are all dated and time-stamped.
NOTE:Occasionally, the first SSL VPN user connection might fail after upgrading, especially if you have encountered any problems during the upgrade process. To work around this problem, we recommend that you initiate multiple SSL VPN connections after upgrading.