1 Reply Latest reply on Dec 10, 2009 1:00 PM by jstanley

    Redirecting traffic from ePO server to another

      HI

       

      My environment has 2 seperate epo servers at different locations. Once is is epo 4(svr 1) and the other 4.5(svr 2). Half my users communicate to each server.

       

      What I need to know is, if I redirected all traffic via DNS from svr 1 to the srv 2, would the agents on orginally on svr 1 know to speak to svr 2 and communicate to it directly?

       

      I ask this as an alternative to redploying agents as my environment has about 700 users

        • 1. Re: Redirecting traffic from ePO server to another
          jstanley

          We have actually introduced a feature in EPO 4.5 that allows you to switch agents from one EPO server to another but it requires both servers to be EPO 4.5 and clients must be using MA 4.5.

           

          For your situation first you would need to confirm that both servers are using the same agent-to-server communication port. If they are not then you will have to re-deploy the agents. You can confirm this on the Configuration | Server Settings | Ports section of the EPO console.

           

          Then you need to export the agent-to-server communication keys from the server you are moving from and import them to the server you are moving to. You can export/import the keys in the Configuration | Server Settings | Security Keys section of the EPO console.

           

          The next step would be to setup a DNS re-route (alias) so that when clients attempt to connect to resolve the DNS name of the old server they are provided the IP address of the new server. For this to work you will need to either re-IP or de-commission the old EPO server so that clients cannot connect directly via IP. Essentially clients attempt to connect to the EPO server using the following steps (in this order):

          1- First they attempt to connect directly via IP

          2- Then they attempt to resolve the netbios name for the EPO server

          3- Finally they attempt to resolve the FQDN for the EPO server

           

          So if you have imported the agent-to-server communication keys, the agent-to-server communication ports are the same and the clients cannot connect directly via IP but DNS resolves to the IP address of the new EPO server they should be able to successfully connect. Once the clients connect successfully one time to the new EPO server they will receive a new sitelist.xml file which contains all of the connection information for the new server and the DNS re-route will no longer be required.