04-09-2020 01:48 AM
Hi there,
I am using two firewalls: a Cisco Firepower 2110 as an external internet firewall, and a second, a Cisco Firepower 2130, as an internal Data Center firewall. This firewall is only used for different VLANs and server-level authentication.
External(Internet) firewall is Managed with Virtual FMC.
I am using the Cisco Firepower 2130 firewall in ASA mode (CLI mode). If I want to add this firewall to my FMC, can I do this? Right now it's giving me a command-line interface. If yes, what is the prerequisite for doing this?
The second thing is I want to send a backup of my Data Center firewall, which is in ASA mode, to the remote backup location. How can I do this?
Please help me as I am new to Cisco.
04-09-2020 05:49 AM
FMC cannot manage Firepower appliances running ASA image.
When you say backup do you mean a backup of the configuration?
04-09-2020 06:04 AM
Thank you, sir, for your reply.
Yes, I want to send a configuration backup of the Cisco Firepower 2130, which is running in ASA mode, to the remote backup location. What utility do I need to use for it?
And what utility do I need to use to access my Cisco Firepower 2130, which is running in ASA mode, through a GUI? Which utility will provide me the GUI, or does it only run in CLI mode?
Please guide.
04-09-2020 08:19 AM
Most people do backups using their network management software. Cisco Prime Infrastructure, SolarWinds NCM, SolarWinds Cattools are popular commercial options. RANCID is an open source alternative.
If you have an FTP or SCP server you can create a script to kick off periodically and copy the config to it.
As far as a GUI, Cisco ASAs have the ASDM (Adaptive Security Device Manager) tool.
04-09-2020 10:13 PM
04-09-2020 11:57 PM
You're welcome. Please rate my replies if they helped you.
04-13-2020 07:13 AM
Hi,
I have one more question:
How can I enable the ASDM feature on my firewall? Currently, I am using the Cisco Firepower 2130 in ASA mode.
I need to enable the HTTP service on it so that I am able to access it via ASDM. How can I do that? It's placed in the production environment, so that's why I am a little afraid. Please guide accordingly.
When I run the command "show run HTTP" it gives me the output below.
http server enable
http 0.0.0.0 0.0.0.0 outside
http 10.1.1.0 255.255.255.0 oob
My firewall IP addresses are 10.1.2.x.
Do I need to run the command below to access it?
http 10.1.2.0 255.255.255.0 inside
Thank you in advance.
04-13-2020 08:24 AM
If you add the command you mentioned it will allow you to access the ASA using ASDM via the inside interface but only if your management PC is in the 10.1.2.0/24 subnet.
If you want to access it from any inside subnet then use the command:
http 0.0.0.0 0.0.0.0 inside
Make sure there's a valid ASDM image on disk and that it is called out in the config with the "asdm image <image file>" command. Also ensure that you have the free 3DES-AES license activated ("show version" will tell you).
You probably don't want ASDM to be accessible from any outside address. To disable that use the command:
no http 0.0.0.0 0.0.0.0 outside
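The `http <address> <mask> <interface>` allow-list discussed in this reply can be checked offline before and after a change. The following is an added example, not part of the original reply and not Cisco tooling; the function names, the `untrusted` parameter and the management PC address 10.1.2.50 are hypothetical, and it models only the `http` allow-list, not routing, the ASDM image or licensing.

```python
import ipaddress

# Constructed sample: the "show run http" output quoted earlier in this thread.
SAMPLE = """\
http server enable
http 0.0.0.0 0.0.0.0 outside
http 10.1.1.0 255.255.255.0 oob
"""


def parse_http_rules(config_text):
    """Return (server_enabled, [(network, interface), ...]) from 'show run http' text."""
    enabled, rules = False, []
    for raw in config_text.splitlines():
        parts = raw.split()
        if parts[:3] == ["http", "server", "enable"]:
            enabled = True
        elif len(parts) == 4 and parts[0] == "http":
            try:
                net = ipaddress.ip_network(f"{parts[1]}/{parts[2]}", strict=False)
            except ValueError:
                continue  # some other http sub-command, not an address/mask rule
            rules.append((net, parts[3]))
    return enabled, rules


def audit(config_text, mgmt_ip, mgmt_interface, untrusted=("outside",)):
    """Flag any-source rules on untrusted interfaces and report whether
    mgmt_ip is allowed to reach ASDM through mgmt_interface."""
    enabled, rules = parse_http_rules(config_text)
    findings = []
    for net, iface in rules:
        if iface in untrusted and net.prefixlen == 0:
            findings.append(
                f"any address may reach ASDM on '{iface}'; fix: "
                f"no http {net.network_address} {net.netmask} {iface}")
    addr = ipaddress.ip_address(mgmt_ip)
    allowed = enabled and any(
        addr in net and iface == mgmt_interface for net, iface in rules)
    if not allowed:
        findings.append(f"{mgmt_ip} is not permitted on '{mgmt_interface}'")
    return allowed, findings


if __name__ == "__main__":
    # 10.1.2.50 is a hypothetical management PC address.
    print(audit(SAMPLE, "10.1.2.50", "inside"))
    fixed = SAMPLE.replace("http 0.0.0.0 0.0.0.0 outside\n",
                           "http 10.1.2.0 255.255.255.0 inside\n")
    print(audit(fixed, "10.1.2.50", "inside"))
```
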
04-13-2020 11:26 PM
Hi.
Could you please explain what you mean by a valid ASDM image on the disk? I did not understand the line below.
Make sure there's a valid ASDM image on disk and that it is called out in the config with the "asdm image <image file>"
Please find attached the output of the show version command. I have a Cisco smart license.
And thank you, sir, for your guidance.
04-14-2020 02:56 AM - edited 04-14-2020 02:57 AM
"Make sure there's a valid ASDM image on disk" means the binary file (*.bin) for your specified ASDM version is there.
"Called out in the config file" means the running configuration has a line in it as shown below:
ccielab-asa# show run asdm
asdm image disk0:/asdm-7122.bin
no asdm history enable
ccielab-asa# dir disk0:/asdm-7122.bin

Directory of disk0:/asdm-7122.bin

93 -rwx 33696792 13:48:26 Jul 23 2019 asdm-7122.bin

1 file(s) total size: 33696792 bytes
8571076608 bytes total (8302669824 bytes free/96% free)

ccielab-asa#
The exact version of ASDM may vary for your ASA. We generally recommend the most recent one (currently 7.14(1)46 or file name "asdm-7174-46.bin").
04-14-2020 04:11 AM
Thank you, sir, for your detailed guidance.
04-14-2020 09:48 PM
You're welcome.
04-24-2020 05:55 AM
Sir, I am struggling while configuring ASDM on my Cisco Firepower 2130 firewall. It is in ASA mode.
My firewall is on the 10.1.2.0 subnet and I am sitting in the 10.1.57.0 subnet. Right now I am unable to access my firewall, whose IP address is 10.1.2.1.
I just want to enable the ASDM service and access it from the 10.1.57.0 subnet. Right now the firewall is in ASA mode (CLI) and it's hard for me to manage it via the command line.
How can I do this? An image is also attached to this.
I ran the commands below, for your reference, but they do not work.
To enable ASDM:
http 10.1.57.0 255.255.255.0 inlinemgmta (Name of interface Port-channel1.2)
access-list outside.in extended permit tcp host 10.1.2.1 host 10.1.57.101 eq http
HTTP server is already enabled as per previous posts.