Solved: Re: FMC Backup and Copy Failing

mumbles202 · ‎04-16-2020

I have an FMC running 6.5.0.4 that I can't get to copy to a remote server when the backup completes. I've tried a Windows server running Solarwinds as well a Ubuntu server using Openssh. I've tried confirmed I can ssh from the FMC directly to the server and I added the FMC key to the Ubuntu authorized_keys file as well just to be sure but still having issues w/ the copy. I can manually connect to the FMC and download the file but the plan was to get the copy to an offsite server to be done automatically.

Francesco Molino · ‎04-16-2020

Hi

Can you share the screenshot of what you configured on fmc backup?

Stupid and obvious question: have you validated if FMC user you type in has the right to write data on the remote path?

When you download the file manually, are you doing towards the same remote path?

Can you connect to your FMC using CLI and go to expert mode. Then try to ssh your remote server to validate connectivity.

Also from expert mode, can you run the command cat /var/log/backup.log | grep x.x.x.x

--> Replace x.x.x.x by the name or IP of your remote SSH

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

Francesco Molino · ‎04-16-2020

Hi

Can you share the screenshot of what you configured on fmc backup?

Stupid and obvious question: have you validated if FMC user you type in has the right to write data on the remote path?

When you download the file manually, are you doing towards the same remote path?

Can you connect to your FMC using CLI and go to expert mode. Then try to ssh your remote server to validate connectivity.

Also from expert mode, can you run the command cat /var/log/backup.log | grep x.x.x.x

--> Replace x.x.x.x by the name or IP of your remote SSH

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

mumbles202 · ‎04-17-2020

Thanks for the reply. I created a single user on the Ubuntu server and I can connect to the server using WinSCP and make a directory and copy files to it. I also confirmed from the FMC I'm able to connect to the Ubuntu server via ssh and login.

I'm trying to save the files a folder in the in the home directory of the user. I've also tried just / as the path and /folder/ as well.

I setup a test server to replicate and I'm getting this in the logs:

admin@firepower:~$ cat /var/log/backup.log | grep 10.110.25.154
'-stacktrace' => 'Problem performing scp: The authenticity of host \'10.110.25.154 (10.110.25.154)\' can\'t be established.
'-text' => 'Problem performing scp: The authenticity of host \'10.110.25.154 (10.110.25.154)\' can\'t be established.

I connected via sshfrom the FMC, allowed the key but had the same issue.

mumbles202 · ‎04-17-2020

So I was able to fix my error on the test system (I added the device as remote storage so the key would be imported, then changed back to local storage). After that backups completed and copied w/o an issue. On the production box however I'm not even getting anything in the log for the backup device.

mumbles202 · ‎04-17-2020

While I wasn't getting any errors in the production system log I thought I'd give the same procedure a try and it worked there as well.

Francesco Molino · ‎04-17-2020

so now it works or still having issues?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

mumbles202 · ‎04-24-2020

It's currently working properly since I made that change and imported the key successfully.

Francesco Molino · ‎04-24-2020

Glad to know.
Don't forget to rate and mark as correct answer if my answer helped you.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question