Showing results for 
Search instead for 
Did you mean: 

asa and scp

Level 1
Level 1

How do I use scp with my asa to copy the running-config to a linux device ?


3 Replies 3

Level 1
Level 1

Since this was posted in '06, has no one else had this question? I can scp files to the ASA and can even scp files from disk0 on the ASA to/from a linux box. I cannot however figure out how to grab system:running-config to get the config the same way you would from a tftp. This is for backup purposes to replace tftp.

As I mentioned in my earlier post, you could setup a VPN between the ASA|PIX and the Server running the TFTP daemon to secure the communication, I would give it a try. You can use transport mode for this purpose for minimal overhead.



Here's what I do:

When logged into an ASA via ssh, I run

asa# copy run filename.txt

Then, I scp the file down to my local machine by running

linux$ scp .


TIP: If I have used tftp before on the respective ASA, the filename I could use will be in 'sh run tftp':

asa# sh run tftp
tftp-server inside sf-fw-loc2.txt

My tftp config line will have identifying information in the filename, e.g. ny-fw-loc1.txt, so that I can know which firewall the config is from when I need to restore a file. The filename you create is arbitrary.


TIP: By utilizing ssh keys, you could achieve these scp transfers without passwords. By not using passwords, you could also automate the download process using cron.

Review Cisco Networking for a $25 gift card