4 Replies Latest reply on Mar 4, 2013 11:29 AM by PhilM

    License after Disaster Recover

      Hello,

       

      On 7.x and 8.x there is an option to perform a "disaster recovery" when backing up the firewall. I understand that this includes all the config and also the packages(patches) required to bring the system back to exactly the same version after re-imaging.

       

      Can anybody confirm if this also includes licensing as well or will the firewall need to be relicensed (either automatically online or via manual process) again after it is restored.

       

      Many thanks,

        • 1. Re: License after Disaster Recover
          PhilM

          That's a very good question, and to be honest I don't know if it does or not.

           

          But, having said that, it would do you no harm to go to the manual activation web page (https://ssl.securecomputing.com/activation.cfm?product=Sidewinder) and generating a manual copy of the activation key. This presents itself in a web page which you save in .html format and once you have this file, you can use this file to re-activate the Firewall manually from the Admin Console GUI.

           

          Hope that helps.

          -Phil.

          1 of 1 people found this helpful
          • 2. Re: License after Disaster Recover

            Hello,

             

            The disaster recovery backup (and regular backup) contain the Serial number of the appliance. If you restore this to the same appliance, then the firewall should be able to activate with no problem because the firewall/system id should not have changed (it is tied to the hardware). If you restore to a different appliance, you may get an error like "firewall ID does not match our files" when trying to activate. At that point you would need to contact Customer service so that they can reset that.

             

            Hope this helps.

             

             

            -Matt

            1 of 1 people found this helpful
            • 3. Re: License after Disaster Recover

              Hello,

               

              Many thanks for PhilM and mtuma for the advice.

               

              I do understand that I can fill in a manual activation and that it probably uses some unique ID on the firewall (either build-in to the appliance or the MAC address of one of the cards).

               

              What I'm not sure if if there is some unique reference in each install (a bit like SSH keys generated on first boot of FreeBSD) that it needs to match before it's activated.

               

              Just curious if it would spring back to life after a restore already activated or if it would be on 30 days trial awaiting re-activation either manually or automatically.

               

              Perhaps a dd/clonezilla clone of the firewall might be a better option? I'm looking for something I can put together as part of a site DR procedure that has a few steps as possible to be back fully in operation.

               

              Many thanks,

              • 4. Re: License after Disaster Recover
                PhilM
                What I'm not sure if if there is some unique reference in each install (a bit like SSH keys generated on first boot of FreeBSD) that it needs to match before it's activated.

                 

                No - as Matt indicated, the Firewall ID will only change if you change the hardware. Once upon a time (back in the late 1800's) the Firewall ID was actually derived from the MAC address of one of the interfaces. So if you wanted to change your hardware platform you could transplant the NIC and it would still have the same Firewall ID. Something tells me that in recent times this value is now derived from something else (motherboard, perhaps?). But the same piece of hardware will generate the same Firewall ID no matter how many times you re-install the software.

                 

                -Phil.