firepower crontab

jbates5873
Level 1

Hi all,

I am trying to make a Firepower using FDM automatically back up its config files to our backup server.

I have accessed it using the root shell, and made the script and tested it works as expected and it does. However, when I put it into /etc/cron.daily it does not run.

Originally, I tried editing the crontab, but it was a jumbled mess (assuming by design), so went looking and found cron.daily.

I understand that this is probably "not supported" but let's ignore that, and see if there is a way that I can get this automated sync happening. I'm amazed that FDM does not support remote backup in the base product.

I'm keen to see what we can come up with.

Many thanks

Jason

Accepted Solutions

OK, just to check back onto this, as I have resolved my own issue.

The below will allow you to configure an external target that you can push your FDM backups to in case the unit dies and you need to recover it.

What's the point of having the backup stored on the box that's just died? Poor effort Cisco.

You will need to have generated an RSA SSH key pair already, and have the public key loaded into your target server.

 

SSH into the firepower unit and access expert mode.

ssh <firepower_user>@<firepower_ip>
expert

Create the SSH Private Key file and set its permissions to the required level.

vi /ngfw/home/admin/.ssh/id_rsa
<Insert Mode>
<Paste Private key into terminal>
<Escape>
:wq
chmod 400 /ngfw/home/admin/.ssh/id_rsa

Enter sudo mode in Firepower.

sudo su

Create the backup script that is called daily and also set it to be executable.

vi /ngfw/etc/cron.daily/1_firepower_backup
<Insert Mode>
<Paste below command into terminal>
#!/bin/sh
rsync --archive --progress --verbose --rsh 'ssh -oPort=22 -i /ngfw/home/admin/.ssh/id_rsa' /var/sf/backup/ <backup_server_username>@<backup_server_ip>:<backup_server_target_location>
<Escape>
:wq
chmod +x /ngfw/etc/cron.daily/1_firepower_backup

 

To see the schedule that your cron.daily runs at, you can execute

cat /ngfw/etc/crontab

It will come back with the cron schedule

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=""
HOME=/

# run-parts
#m    h  dom mon dow user       command
*/5   *  *   *   *   root       run-parts /ngfw/etc/cron.5min
01    *  *   *   *   root       run-parts /ngfw/etc/cron.hourly
02    4  *   *   *   root       run-parts /ngfw/etc/cron.daily
22    4  *   *   0   root       run-parts /ngfw/etc/cron.weekly
42    4  1   *   *   root       run-parts /ngfw/etc/cron.monthly

 

And that's it. That should have your Firepower backing up to an external target daily.

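A hardened variant of the cron.daily job from the accepted solution, as an added example that is not part of the original post: it refuses to run with a loosely permissioned key, makes ssh fail instead of prompting under cron, and pins the backup server's host key. `SRC` and `KEY` are the post's paths; `DEST`, `KNOWN_HOSTS` and `LOG` are assumed placeholder values.

```shell
#!/bin/sh
# Added example: hardened variant of the cron.daily sync job from the post.
# SRC and KEY are the post's paths; the other three values are assumptions.
SRC=/var/sf/backup/
KEY=/ngfw/home/admin/.ssh/id_rsa
KNOWN_HOSTS=/ngfw/home/admin/.ssh/known_hosts_backup   # assumed: pinned host key of the backup server
DEST='backupuser@backup.example.net:/srv/ftd-backups/' # assumed placeholder target
LOG=/var/log/firepower_backup_sync.log                 # assumed log path

# Succeeds only if the key is a regular file with no group/other permission bits.
key_is_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Prints the ssh command for rsync (args: key file, known_hosts file).
# BatchMode makes ssh fail instead of prompting (cron has no terminal);
# StrictHostKeyChecking=yes with a dedicated known_hosts file rejects an
# unknown or changed server key.
ssh_transport() {
    printf 'ssh -oPort=22 -oBatchMode=yes -oIdentitiesOnly=yes -oConnectTimeout=15 -oStrictHostKeyChecking=yes -oUserKnownHostsFile=%s -i %s' "$2" "$1"
}

# Runs the pre-flight checks, then the sync, and records the outcome in LOG.
sync_backups() {
    key_is_private "$KEY" || { echo "$(date) key missing or too permissive: $KEY" >>"$LOG"; return 1; }
    [ -s "$KNOWN_HOSTS" ] || { echo "$(date) no pinned host key in $KNOWN_HOSTS" >>"$LOG"; return 1; }
    if rsync --archive --rsh "$(ssh_transport "$KEY" "$KNOWN_HOSTS")" "$SRC" "$DEST" >>"$LOG" 2>&1; then
        echo "$(date) sync ok" >>"$LOG"
    else
        rc=$?; echo "$(date) sync FAILED rc=$rc" >>"$LOG"; return "$rc"
    fi
}

# run-parts calls the script with no arguments; only sync where the backup directory exists.
if [ -d "$SRC" ]; then sync_backups; fi
```

The known_hosts file is populated once with the backup server's host key after checking its fingerprint out of band. On the backup server, the matching `authorized_keys` entry can carry OpenSSH's `restrict` option and a forced `command=` so the key stored on the firewall cannot be used for an interactive shell.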

6 Replies

I have the backups running on a schedule as needed. My issue is getting them from the FTD to our backup server using SCP or some other method.

I have a script in /etc/cron.daily that runs the command to sync it, and that works as expected.

My issue is scheduling that script to run daily. Having it in the cron.daily folder isn't working.

I have not tried command level.

Try if you can use "crontab -e" and add scheduled.

 

BB


balaji.bandi
Hall of Fame

I came across this a while ago, but that only makes the backup. It doesn't allow extraction.

That script (as far as I can tell) runs the backup on the box, and you need to retrieve it.

I'm wanting the FTD to sync its backup folder to our backup server automatically.
