Re: asa and scp

Yves-Buecking_2 · ‎05-10-2006

How do I use scp with my asa to copy the running-config to a linux device ?

Thanks

khinze · ‎06-09-2008

Since this was posted in '06, has no one else had this question? I can scp files to the ASA and can even scp files from disk0 on the ASA to/from a linux box. I cannot however figure out how to grab system:running-config to get the config the same way you would from a tftp. This is for backup purposes to replace tftp.

Farrukh Haroon · ‎06-09-2008

As I mentioned in my earlier post, you could setup a VPN between the ASA|PIX and the Server running the TFTP daemon to secure the communication, I would give it a try. You can use transport mode for this purpose for minimal overhead.

Regards

Farrukh

btarver · ‎03-17-2015

Here's what I do:

When logged into an ASA via ssh, I run

asa# copy run filename.txt

Then, I scp the file down to my local machine by running

linux$ scp user@sf-fw-loc2.domain.com:filename.txt .

TIP: If I have used tftp before on the respective ASA, the filename I could use will be in 'sh run tftp':

asa# sh run tftp
tftp-server inside 10.0.0.21 sf-fw-loc2.txt

My tftp config line will have identifying information in the filename, e.g. ny-fw-loc1.txt, so that I can know which firewall the config is from when I need to restore a file. The filename you create is arbitrary.

TIP: By utilizing ssh keys, you could achieve these scp transfers without passwords. By not using passwords, you could also automate the download process using cron.