Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 4

Transfer Systems to New ePO

We have an existing ePO ver. 5.3.1 (IP- with separate Agent Handler(IP- (Published over Internet(IP-, we have many systems those connect via broadband to published agent handler.

Now we have setup an new ePO ver.5.10(IP- along with separate new Agent Handler(IP- (Published over Internet(IP-

So here the confusion is, when we transfer the systems from existing ePO to New ePO, how the systems which are connecting via broadband to published Agent Handler(Existing) will communicate to new Agent Handler. Because the systems which are communicating via broadband doesn't have connectivity to both the ePO server directly (they have only connectivity to published Agent Handler)

Because as per my understanding when we initiate System Transfer it only updates ePO server details but not AH details.

The only option which will help here is to publish New ePO to fullfill the achievement. Or to install Agents manually.

But here we are not planning to publish ePO over internet, So is there any other way/workaround which will help us to meet out requirements.

Labels (1)
3 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Transfer Systems to New ePO

Hi Hemantnk,

Once a system is marked for transfer, it will still appear in the originating server until the agent
performs an ASCI. Once that is done, the originating server sends it a temporary sitelist pointing it to
the target server. When the agent performs a second ASCI, it will call into the target server and get
a normal sitelist, and at that time it will begin appearing in the target ePO server. However, the agent
will not show up in either server between the 1st and 2nd ASCI's.

Also if you chose automatic export the sitelist from the new epo server and verify the agent handlers are listed in it.  Then import it and see if that helps. First try to transfer one system and see if that works, if yes then you can go head and transfer all.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!


McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 4

Re: Transfer Systems to New ePO

Hello Hemant,


The transfer systems concept is source to destination ePO, it wont involve the RAH entries while doing the transfer.

When you transfer the system intiaite is triggered, it writes the entry in the table as below.


The table contains a entry with the destination ePO entry with the certs to update.

The first ASCI it will receives the updated sitelsit and second ASCI it will contact to Destination ePO and then will download the complete sitelist belongs to destination ePO with all entries of the epo & RAH or what ever the assignment rule stating so.

Moreover, the transfer systems will take the inputs from the Server.ini file, which contains only the ePO's information, hence it will not deal with RAH's here

The alternative way for your env, to temporarily configure the destination ePO with public IP before transfer and then get all machines moved and remove this public IP and change natting to RAH as it before.

Other than this, you can use the SCCM / Group Policy / Login scripts / Manual install of MA to get reporting to new ePO as simplest way if you consider the configuring public Ip is not a possible way for your customer.




Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Raghavendra GC - [RGC]
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Transfer Systems to New ePO

Once your new server is set up, you can set your published dns and IP to point to the new server.  Don't transfer systems till you do that, as once you initiate the transfer, they will only have the new epo server in their sitelist and no agent handlers and communication will be lost and they won't be able to connect.  By changing the published dns for the external agent handler, they can then talk to it and get an updated sitelist. You can also do some dns redirects to point those external systems to the new agent handler.  

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community