cancel
Showing results for 
Search instead for 
Did you mean: 

Firmware update clustered IVE's

JorisK_
New Contributor

Firmware update clustered IVE's

Hi,

We currently have two clustered SSL VPN (SA-4500) boxes using firmware version 6.3R1-2 (build 13619) and we want to update their firmware. The devices run in ActivePassive.

Can i simply update the devices one by one using the latest firmware? (or do i need to break the cluster etc.etc.)

Best Regards,

Joris Kemperman

4 REPLIES 4
liukkma_
Occasional Contributor

Re: Firmware update clustered IVE's

Upgrading a cluster is quite easy, because it will automatically update both nodes one-by-one. No need to break the cluster nor update both nodes separately.

JorisK_
New Contributor

Re: Firmware update clustered IVE's

Nice!

So i can simply connect to the cluster IP and start upgrading from 6.3R1-2 (build 13619) to the latest version? No need to upgrade to 6.4 first?

liukkma_
Occasional Contributor

Re: Firmware update clustered IVE's

There's some more information about upgrading in the 7.0R1 release notes:

http://www.juniper.net/techpubs/software/ive/releasenotes/j-sa-sslvpn-7.0R1-releasenotes.pdf

Based on that doc, I think you should be able to upgrade to the latest version directly. I upgraded my 4500 clusters few months ago (from 6.4R2 -> 7.0R3) and it went well without any troubles. You may want to clear the system logs (I cleared all logs..) before upgrade as it should shorten the time it takes.

mattspierce_
Frequent Contributor

Re: Firmware update clustered IVE's

We upgraded our clustered 4500's from 7.0r3 to r4. The upgrade went without error. The second unit failed to boot after the restart. We consoled in and found it at a prompt as to load the new firmware or the previous. We selected new and the cluster synced up without issues. We'll see if that was a glitch at the next firmware update.