Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9313
Views
25
Helpful
3
Replies

ASA Auto Backup

Murad*
Level 1
Level 1

‎01-21-2019 12:43 PM - edited ‎02-21-2020 08:41 AM

hi

i tried in couple months ago , some command started with  ( korn ...) to take auto backup from Switches to FTP server and its working normally , so is this command working normally with ASA ??

any one try that ? or there is another idea for auto backup ?

0 Helpful
3 Replies 3

Sheraz.Salim
VIP
VIP

‎01-21-2019 02:24 PM

You can automate that using EEM (available since 9.2(1) - Reference). It would look something like this (substituting your local values  in the backup command syntax):

event manager applet dailybackup
 description "Backup the ASA at midnight"
 event timer absolute time 0:00:00
 output none
 action 1 cli command "backup [ /noconfirm ] [ context name ] [ cert-passphrase value ] [ location path ]"

please do not forget to rate.

please do not forget to rate.

balaji.bandi
Hall of Fame
Hall of Fame

‎01-21-2019 05:16 PM

I suggest to run this on a management server which poll the config and save. You can offload these activities from ASA and let it focus on security.
I am sure most of the network management have autobackup servers our of the box as dedicated services.

If you still looking to run on the box as suggested on other post EEM is the option

Depending on the ASA version you are running, you could set up an EEM script to send the output of more system:running-config to an ftp / tftp server.

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/117883-config-eem-00.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Francesco Molino
VIP Alumni
VIP Alumni

‎01-21-2019 08:34 PM - edited ‎01-21-2019 08:35 PM

Hi

You different solutions to handle this.
You can use EEM since a certain version on asa.
You have different tools that will be able to handle this but i could recommend one which is Rancid.
This is my favorite one, i deploy it for lots of my customers and works for multiple vendors.
On top of it, if you're not so comfortable with Linux, you can also have a web server that will help you read the saved configs, compare them and maybe use this machine as jumphost as well and why not use it as your automation machine with Python scripts.

Well it's free and lot of possibilities.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card