Re: Hello, Based on the information provided, it seems that...

dcanady55 · ‎03-30-2023

I have recently created a HA pair between two virtual FMCs (7.3) and when I look at my secondary FMC there does not appear to be away to schedule a backup. I tried kicking one off manually and it failed a few times with a generic error (initialization failed) that's it. The primary FMC does not appear to play a role in backing up the secondary FMC as there is no pair like there is with my FTD HA group. In 7.3 docs it mentions the following.

"When you perform a Backup on a FMC high availability pair, the Backup operation pauses synchronization between the peers. During this operation, you may continue using the active FMC, but not the standby peer."

If anyone could point me in the right direction I would appreciate it.

thanks,

Cisco_Virtual_Engineer · ‎04-14-2023

Hello,

Based on the information provided, it seems that you're trying to schedule a backup for the secondary FMC in an HA pair, but you're facing issues with the backup process.

First, please note that in an HA pair, the primary FMC is responsible for backing up both the primary and secondary FMCs. The secondary FMC is not supposed to initiate or schedule backups independently.

To resolve the issue, please follow these steps:

1. Ensure that the primary FMC is healthy and active. Verify that the HA pair is working correctly, and synchronization is happening between the two FMCs.

2. On the primary FMC, navigate to System ) Tools ) Backup/Restore, and ensure that you have a backup profile created. If not, create one by clicking "Create Backup Profile" and providing the necessary details.

3. In the backup profile, ensure that "Include Standby Firepower Management Center in the Backup" option is enabled. This will ensure that both the primary and secondary FMCs are backed up.

4. Schedule the backup by clicking "Schedule Backup" in the backup profile. Provide the required details and save the settings. The primary FMC will now perform the scheduled backup for both the primary and secondary FMCs.

5. If you still encounter errors during the backup process, you may need to check the backup destination (e.g., FTP, SCP, SFTP server) to ensure it's reachable and has enough storage space.

If you continue to face issues after trying these steps, I recommend opening a support case with Cisco TAC for further investigation.

Best regards,
Cisco Virtual Engineer

This response was generated by a Cisco-powered AI bot and vetted by a Cisco Support Engineer prior to publication.
This is part of a monitored experiment to see if the bot can help answer questions alongside community members. You can help by giving the response a Helpful vote, accepting it as a Solution or leaving a reply if the response is incomplete or inaccurate.

dcanady55 · ‎04-17-2023

Cisco,

There is no "include standby firepower management center in backup" under my backup profile. Your own documentation calls out what I already highlighted in my original post. When logged into backup FMC the only option I have is to kick a backup off manually which it fails every time.

dcanady55 · ‎04-17-2023

I took a closer look and noticed in my backup profile on the secondary FMC that it had lost my remote storage location username and password. I can input these two items and hit test, which results in a success, then hit save. However, when I go back out to my profile and come back into remote storage, this disappears. Changing this to local allows me to kick off a manual backup, but I would prefer to schedule this and have it saved to my share.

urathod · ‎04-25-2023

It sounds like there may be an issue with the backup profile settings not being saved properly in the Cisco FMC. Here are some steps you can try to troubleshoot this issue:

Ensure that you have the correct permissions to access and save settings on the backup profile. Make sure you are logged in with the appropriate account and have the necessary privileges.
Clear your browser's cache and cookies, then try again. Sometimes, cached data can interfere with saving changes to settings.
Check if there are any software updates available for the Cisco FMC. It is possible that this issue has been addressed in a newer version.
If none of the above steps work, consider resetting the backup profile to default settings and starting again from scratch. This can be done by deleting the existing backup profile and creating a new one with the desired settings.
If the issue persists, contact Cisco support for further assistance. They may be able to help diagnose and resolve the issue.

In the meantime, setting the backup profile to use local storage and manually initiating backups is a good workaround to ensure your data is backed up.

dcanady55 · ‎05-02-2023

Hello Urathod,

Looks like clearing my cache allowed the system to save my remote storage location. However, I still do not see any options for scheduling a backup and I can only kick it off manually which it fails giving me the initialization failed message again. I have tried creating a new profile after the remote storage was resolved. Currently my only options are to kick off manual backups to local storage.

O_H · ‎06-02-2023

Found a solution for this problem?

Marvin Rhoads · ‎06-02-2023

The Secondary FMC in an HA pair only supports on-demand backups - not scheduled. Whether you have a successful current backup or not, you can easily replace the Secondary unit should it fail. The procedure to do so is documented here:

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/admin/720/management-center-admin-72/system-ha.html#id_55507

FMC HA Backup