Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4393
Views
5
Helpful
6
Replies

Exporting backup files from Cisco ISE 2.2

Go to solution
Nabil.
Level 1
Level 1

‎05-15-2019 04:18 AM

Hello folks,

I'm trying to find a way (GUI or CLI) to transfer or export backup files from ISE towards tftp or any other type of communication.

 

I hope you can help me  in this regard

Thanks in advance

 

Regards,

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee
In response to Nabil.

‎05-16-2019 09:37 PM - edited ‎05-16-2019 09:38 PM

As Aravind Ravichandran said, we would define the SFTP location as the repository for the backup. Use ISE admin CLI 

"crypto host_key add host {IP|hostname}" to trust the host key.

If you already have the backup files in localdisk directory, then use ISE admin CLI "copy disk:/<Backup-Filename> sftp://{sftpServerIP|name}/path/to/fileDirectory/"

If the remote SFTP user is enabled with PKI, then this copy operation is not working.

Some known issues -- CSCvg32162 and CSCvm43120

View solution in original post

0 Helpful
6 Replies 6

Go to solution
hslai
Cisco Employee
Cisco Employee

‎05-15-2019 05:09 AM

We define a file repository before taking a backup. More info, see Backup and Restore Repositories.

Go to solution
Nabil.
Level 1
Level 1
In response to hslai

‎05-16-2019 12:09 AM

Thanks for your reply, we already have repository configured, but what I want is how to get/download the backup file from ISE local disk as sftp and tftp didn't work.

Thanks,
0 Helpful

Go to solution
Aravind Ravichandran
Level 3
Level 3
In response to Nabil.

‎05-16-2019 12:39 AM

After sftp configured in GUI, you have to generate a crypto key on CLI of admin & MnT node. 

-Aravind
0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to Aravind Ravichandran

‎05-16-2019 02:45 AM

Did you see the information here?

https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_01011.html

Make sure you are on a current recommended release of 2.2 or higher as well as there have been fixes around this . If needing hands on support go to http://cs.co/ise-help

https://community.cisco.com/t5/security-documents/ise-community-resources/ta-p/3621621#Resources
0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee
In response to Nabil.

‎05-16-2019 09:37 PM - edited ‎05-16-2019 09:38 PM

As Aravind Ravichandran said, we would define the SFTP location as the repository for the backup. Use ISE admin CLI 

"crypto host_key add host {IP|hostname}" to trust the host key.

If you already have the backup files in localdisk directory, then use ISE admin CLI "copy disk:/<Backup-Filename> sftp://{sftpServerIP|name}/path/to/fileDirectory/"

If the remote SFTP user is enabled with PKI, then this copy operation is not working.

Some known issues -- CSCvg32162 and CSCvm43120

0 Helpful

Go to solution
Prab
Level 1
Level 1

‎07-29-2021 11:28 PM - edited ‎07-29-2021 11:34 PM

I was able to export the backup file to my FTP server. I have ISE v2.7

I have saved my backup file named Backup2021.tar.gpg in the "backup" directory.

ISE-backup.png

ISE-Dir.png

The command used on the ISE CLI was as following:

copy disk:/backup/Backup2021.tar.gpg  ftp://X.X.X.X/

 

I did not need to perform any extra configuration on the ISE. Also, you don't get any information if the file transfer was successful, so you need to check that manually.

 

Cheers,

Prab

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents