How to reinitialize a ProxySG with a single disk system (default SSL keys only)

book

Article ID: 166459

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

How to reinitialize a single disk system (default SSL keys only)
How do I reinitialise a ProxySG with a single disk drive?
What are the steps necessary for disk reinitialisation on a single drive ProxySG?

Resolution

The following steps help you prepare for the reinitialization of the hard disk on a ProxySG with a single hard drive. 

IMPORTANT NOTE:  The reinitialization of a hard drive on a ProxySG with a single hard drive will result in data loss.  Please make sure that you have physical (serial console) access to the device.  Please review these instructions prior to performing the hard drive reinitialization.

  1. Request a copy of your device's license from Blue Coat
    1. You can license your ProxySG via the Management Console after the restore is completed.  To perform that retrieval, launch the Management Console, go to the Maintenance tab > License > Install.  Click on the "Retrieve" button.
    2. Just in case the retrieval fails for any reason, it would be a good idea to have a copy of your license so that you can install using the local file.  To obtain a copy of your license, send an email to [email protected] .  Please supply your company name, contact name, and serial number of the ProxySG.
  2. Make a backup of the "configuration-passwords-key" keyring.  Please see 000012716 for details on how to backup this keyring.
  3. Copy the content filter database key.
    1. Go to https://<proxy.ip.address>:8082/sysinfo
    2. Find the "Content Filter Status" section
    3. Copy the "Download License key".
  4. Backup the system configuration
    1. Launch the Management Console.  Go to the Configuration tab > General > Archive > View Current Configuration (just the top section of this page).
    2. Select "Configuration - expanded setup"
    3. Click "View" (brings up the config in a new browser window)
    4. Save using the web browser's File/Save function.
  5. Reinitialize the disk
    1. Have a serial cable connected to the ProxySG and launch the command line interface (CLI).  NOTE:  Do not use SSH as you will loose connectivity.
    2. Go into enable mode
    3. From the CLI, type:  reinitialize
  6. Run through the initial setup via CLI.  When the ProxySG finishes the disk reinitialization, it will reboot and come back up as a new system.  This is when you configure the network settings and admin username and password.  When finished, you can launch the Management Console to restore the SSL key and configuration.
  7. Restore the "configuration-passwords-key" keyring.  Please see 000012716 for details on how to restore this keyring.
  8. Download your content filtering database using the download license key.
  9. Restore the system configuration
    1. Launch the Management Console
    2. Go to the Configuration tab > General > Archive > Install Configuration from:
    3. Select "Local file".
    4. Click "Install".
    5. Browse to where you saved the system configuration file.
    6. Select and click "Open" and this initiates the install.
    7. Wait.  When the configuration restore is finished, it will tell you that it was successful.
      1. Errors are reported for all types of reasons, but getting errors does not necessarily mean the install was not successful.  Some errors may be expected.  If you get errors, be sure to save them (copy/paste to a text file) and send them in with a service request.  Also, click through the proxy and test it to make sure things are working as expected.  If you have restored the keyring properly, more than likely you will not receive any errors.
      2. Errors will be reported for several reasons that are not necessarily "fatal".  For example, if you restore the config before restoring the SSL key, then this will generate errors as the proxy tries to decrypt those passwords and fails.  However, the config will be restored.  Effectively it just means you have to manually reset those passwords from the Management Console.  Also, if you have IP information in your config and restore that to a proxy that already has network settings configured, that will generate errors as the proxies tries to set those network settings and realizes there are settings already there.  Again, these errors do no harm.  The key is to test the proxy and to make sure it is running and executing policy and filtering content as expected.