Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4512
Views
6
Helpful
3
Replies

FTP or SCP to Cloud ESA

Go to solution
Doug Maxfield
Level 1
Level 1

‎07-28-2017 10:31 AM

We are in the process of migrating from ESA appliances on-site to Cloud ESA.  We have exported configurations (Text Resources, RAT files, Destination Controls) that we would like to copy up to the "configuration" directory that is available on the Cloud ESA.  We have instructions on how to create a CLI connection with a tunnel to the Cloud ESA, but would like to have the ability to FTP or SCP also.

Is there documentation available to accomplish this?  

Thanks,

Doug

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Doug Maxfield
Level 1
Level 1

‎08-03-2017 07:45 AM

I was able to figure this out on my own.  Posting for other that may need it.

First you have to setup a secure tunnel to the Cloud ESA system.  Support should be able to supply you the information.  You will need this to run any CLI-commands for your Cloud ESA.  You also need to have Putty installed on your PC.  Also, you need to have SCP enabled on your Cloud ESA (Open a TAC for this)

Then make the connection to the secured tunnel.  When connected, open a command line on your PC and do the following command:

pscp -P 2200 <file name> <username>@127.0.0.1:/configuration

This will upload the file to the /configuration directory on your appliance. 

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Doug Maxfield
Level 1
Level 1

‎08-03-2017 07:45 AM

I was able to figure this out on my own.  Posting for other that may need it.

First you have to setup a secure tunnel to the Cloud ESA system.  Support should be able to supply you the information.  You will need this to run any CLI-commands for your Cloud ESA.  You also need to have Putty installed on your PC.  Also, you need to have SCP enabled on your Cloud ESA (Open a TAC for this)

Then make the connection to the secured tunnel.  When connected, open a command line on your PC and do the following command:

pscp -P 2200 <file name> <username>@127.0.0.1:/configuration

This will upload the file to the /configuration directory on your appliance. 

0 Helpful

Go to solution
dmccabej
Cisco Employee
Cisco Employee
In response to Doug Maxfield

‎08-03-2017 08:12 AM

Hello Doug,

Thanks for providing that helpful information for anyone running into the same question. I must have missed this post in my email notifications, so I apologize if you were delayed in finding a resolution.

Here's some additional clarity on the steps :

1) Customer creates Public/Private SSH key pair (quick web search can provide you with instructions specific to your OS and SSH client)

2) Customer provides Public SSH key to Cisco TAC via support case

3) Cisco TAC imports Public SSH key 

4) Cisco TAC provides customer with additional steps to setup SSH client

5) Customer sets up SSH client per the provided steps

6) Customer connects via SSH

7) Customer uses the command provided earlier to manipulate files in the configuration directory on their CES appliances

(2200 can be changed to whichever port you're using to tunnel/forward the SSH traffic)

pscp -P 2200 <file name> <username>@127.0.0.1:/configuration

Thanks!

-DennisM

Go to solution
AARPIronMan
Level 1
Level 1

‎05-18-2022 01:14 PM

What about in reverse?  I have a standalone splunk server on premise and would like to ingest the CEF logs for indexing.  How can i get those logs from the Cloud ESA to my pc?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents