cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1615
Views
5
Helpful
6
Replies
Nabil.
Beginner

Exporting backup files from Cisco ISE 2.2

Hello folks,

I'm trying to find a way (GUI or CLI) to transfer or export backup files from ISE towards tftp or any other type of communication.

 

I hope you can help me  in this regard

Thanks in advance

 

Regards,

 

1 ACCEPTED SOLUTION

Accepted Solutions
hslai
Cisco Employee

As Aravind Ravichandran said, we would define the SFTP location as the repository for the backup. Use ISE admin CLI 

"crypto host_key add host {IP|hostname}" to trust the host key.

If you already have the backup files in localdisk directory, then use ISE admin CLI "copy disk:/<Backup-Filename> sftp://{sftpServerIP|name}/path/to/fileDirectory/"

If the remote SFTP user is enabled with PKI, then this copy operation is not working.

Some known issues -- CSCvg32162 and CSCvm43120

View solution in original post

6 REPLIES 6
hslai
Cisco Employee

We define a file repository before taking a backup. More info, see Backup and Restore Repositories.

Thanks for your reply, we already have repository configured, but what I want is how to get/download the backup file from ISE local disk as sftp and tftp didn't work.

Thanks,

After sftp configured in GUI, you have to generate a crypto key on CLI of admin & MnT node. 

-Aravind

Did you see the information here?

https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_01011.html

Make sure you are on a current recommended release of 2.2 or higher as well as there have been fixes around this . If needing hands on support go to http://cs.co/ise-help

https://community.cisco.com/t5/security-documents/ise-community-resources/ta-p/3621621#Resources
hslai
Cisco Employee

As Aravind Ravichandran said, we would define the SFTP location as the repository for the backup. Use ISE admin CLI 

"crypto host_key add host {IP|hostname}" to trust the host key.

If you already have the backup files in localdisk directory, then use ISE admin CLI "copy disk:/<Backup-Filename> sftp://{sftpServerIP|name}/path/to/fileDirectory/"

If the remote SFTP user is enabled with PKI, then this copy operation is not working.

Some known issues -- CSCvg32162 and CSCvm43120

View solution in original post

Prab
Beginner

I was able to export the backup file to my FTP server. I have ISE v2.7

I have saved my backup file named Backup2021.tar.gpg in the "backup" directory.

ISE-backup.png

ISE-Dir.png

The command used on the ISE CLI was as following:

copy disk:/backup/Backup2021.tar.gpg  ftp://X.X.X.X/

 

I did not need to perform any extra configuration on the ISE. Also, you don't get any information if the file transfer was successful, so you need to check that manually.

 

Cheers,

Prab

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars



Did you miss a previous ISE webinar?

CiscoISE YouTube Channel