Solved: Automating Backup of Config - Page 2

Mike Kwilosz · ‎02-09-2011

I'm looking to setup a way to backup the configuration of my C370's. Currently I know how to do so manually through the GUI. Is there a way to automate this and back it up through the CLI? I was searching through the CLI yesterday but I couldn't find what the command was to save the config out. I would assume if I could find the command I could setup a job through our Kiwi CatTools to do so. Let me know if anyone knows how to do this or if you've found another way to do this effectively.

Thanks,

Mike

SaiSuhanth Puligadda · ‎09-13-2019

It's Not Working.

Jeff Ferrell · ‎06-27-2014

I came here with the same issue and adapted some items to work for me in my windows environment.

I also have 6 Ironports, some require SSHv1, some SSHv2 and one is the IEA which is different yet again.

I'll share my scripts, please let me know if you have questions on them as I did not document it all.

Schedule this BAT file below to run as often as you require. It will connect to a device that you tell it to, and backup the config then FTP the file back to the server.

Some of my older devices require SSHv1 still, so I check if the device supports v2, and connect that way, otherwise if not specified, fall back to v1. I also have an Encryption appliance, so that is all done via linux commands, that is the "iea" device. I was using public/private keys, but since I needed the password via FTP, I scrapped the key part.

BAT FILE:

@ECHO off
setlocal ENABLEDELAYEDEXPANSION
SET FTPCONFIG=%1FTP.txt
SET PLINK="C:\Program Files (x86)\PuTTY\plink.exe"
SET PSCP="C:\Program Files (x86)\PuTTY\pscp.exe"

::DATE - Sets %newdate% variable = yyyymmdd
for /f "tokens=2-4 delims=/ " %%a in ('date /t') do set NEWDATE=%%c%%a%%b

::GENERATE CONFIG FILE -2 FOR SSH v2 DEVICES
IF %1==ironport.congressionalfcu.org (
%PLINK% -pw "password" -2 backup@%1 "saveconfig 0"
) ELSE IF %1==wsa (
%PLINK% -pw "password" -2 backup@%1 "saveconfig 0"
) ELSE IF %1==iea (
%PLINK% -pw "password" -2 admin@%1 "sudo rm -f /backup/server-*.tgz"
%PLINK% -pw "password" -2 admin@%1 "sudo tar zcf /backup/server-%NEWDATE%.tgz /usr/local/postx/server"
%PSCP% -pw "password" -2 admin@%1:/backup/server-%NEWDATE%.tgz "d:\SolarWinds\Configuration Management\Config-Archive\IEA\server-%NEWDATE%.tgz"
GOTO EXIT
) ELSE %PLINK% -pw "password" -1 backup@%1 "saveconfig 0"
)

::RETREIVE CONFIG VIA FTP
ftp -s:%FTPCONFIG% %1

:EXIT

Then I have the FTPCONFIG txt file for each device that I call, it just gets all XML files, then deletes them from device. I have one of these for each device, b/c I could not figure out how to pass a varialbe from my BAT file to this file to set the LCD of where to store the config:

backup
password
lcd "D:\SolarWinds\Configuration Management\Config-Archive\wsa"
cd configuration
prompt
mget *.xml
mdelete *.xml
quit

Hope this helps someone out there.

Sylvain_Che · ‎12-29-2016

Hi guys,

Find below the script I used in my Windows environment to backup a cluster of IronPort and a SMA:

BAT script:

For the cluster, I'm using the IP of the first member to run the script. I connect through SSH keypair. Entering into clustermode generates an error but backup job still works well.

@echo off

set TODAY_DATE=%date:~-4,4%%date:~-7,2%%date:~-10,2%

set BACKUPS_PATH="\\network_share"

set PRIVKEY="C:\MailGW\IRONPORT.ppk"

C:\ssh\plink.exe IP_Ironport -i PRIVKEY -l admin "clustermode 1 saveconfig 3"

C:\ssh\pscp.exe -i PRIVKEY admin@IP_Ironport:/configuration/*%TODAY_DATE%* IronPort-bkp_%TODAY_DATE%.xml

move *.xml %BACKUPS_PATH%\

For the standalone SMA, the script is the same except the plink.exe command is "saveconfig N".

Then I configured a Scheduled Task to perform backup on a regular basis.

Credits to: http://somoit.net/ironport/ironport-automate-commands-scripts-from-windows

Hope it can help.

Regards,

Sylvain.

monderick · ‎01-05-2017

nice work Sylvain, implementing this in my environment.

are the old .xml files on the SMA cleaned up automatically or should they be deleted once copied locally as some of the others here have done?

Sylvain_Che · ‎01-06-2017

No they are not cleaned up automatically. Ideally logs should be deleted from the appliance but since their weight is quite small (about 300KB) and my SMA is backed up only once per month, so it's not a big deal for me.

In the mean time, I read some posts that the deletion of those xml files is not possible/not really easy to put in place (https://supportforums.cisco.com/discussion/11973191/delete-configuration-files).

Sylvain_Che · ‎01-26-2017

It seems the backup script was not running well in fact because of the clustermode error I received in the output.

Change the plink command by "clustermode cluster; saveconfig y 3".

Sylvain.

soporte_red · ‎10-05-2017

Hello

Here is my solution

#saves the config and then copies it locally via SCP to a directory called ironport/config-backups
HOSTNAME=X.X.X.X
USERNAME=ironport
FILENAME=`ssh $USERNAME@$HOSTNAME "saveconfig 3 yes" | grep xml | cut -c 2-65 `
scp $USERNAME@$HOSTNAME:$FILENAME /backup/Ironport/backup