06-03-2020 06:06 PM - edited 06-03-2020 06:17 PM
Hi all,
I have tried to retrieve the IPS Policies from Cisco IPS by Firepower Management Centre (FPMC) or by Appliance itself but I am unable to.
May I knwo any way to retrieve the IPS policies either from the IPS systems (FPMC or Appiance) or from its backup file?
Plaese advise. Thanks!
regards,
Tangsuan Tan
Solved! Go to Solution.
06-03-2020 06:52 PM
The IPS policies (thousands of rules) cannot be exported directly.
You can export a report of the Access Control Policy (ACP) and related elements. At the top level view in FMC of Policies > Access Control click on the small report icon on the right side of the screen next to the ACP.
06-03-2020 08:17 PM
Hi Tan,
The policies cannot be viewed in user-readable format from the backup file. For user-readable, you could either use the below command on the managed device:
> show access-control-config
Or reporting option under the fmc.
06-03-2020 06:30 PM
Hi Tan,
Please refer to the below link for taking backup from Firepower:
You have an option to choose only "Back Up Configuration".
Regards,
Carol
06-03-2020 06:33 PM - edited 06-03-2020 06:33 PM
Hi Carol,
Thanks to your reply.
After Backup Configuration, is it anyway to extract the Policies from the Backup configuration?
Thanks!
regards,
Tangsuan Tan
06-03-2020 06:52 PM
The IPS policies (thousands of rules) cannot be exported directly.
You can export a report of the Access Control Policy (ACP) and related elements. At the top level view in FMC of Policies > Access Control click on the small report icon on the right side of the screen next to the ACP.
06-03-2020 11:25 PM
Hi Marvin,
Yes, I have generate the Report according to your suggestion.
Thanks to your help on this.
regards,
Tangsuan Tan
06-03-2020 08:17 PM
Hi Tan,
The policies cannot be viewed in user-readable format from the backup file. For user-readable, you could either use the below command on the managed device:
> show access-control-config
Or reporting option under the fmc.
06-03-2020 11:29 PM
Hi Carol,
I have followed the way suggested by Marvin to retrieve from FMC.
Your method by CLI should produce the same result from FMC, right? Any way, thanks to your help on this.
regards,
Tangsuan Tan
06-04-2020 12:29 AM
06-04-2020 04:46 AM
The show command provided by @caroldso needs to be run on the sensor cli, not on the FMC.
06-04-2020 07:56 AM
Hi Marvin,
Thanks to your advice. I got what you mean and I have tried it at the Appliance and it works.
regards,
Tangsuan Tan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide