11-13-2022 09:22 PM
Hi all,
I won't bore you with the full story, but I accidentally deleted a policy from our FMC (Devices > VPN > Remote Access).
I have not Deployed it, so I'm assuming that the policy is still in place on the Firewall itself.
However, I do not know how to get that policy back. Does it need to be restored from a backup, or can I get it back from the Firewall in some sort of "Reverse Deploy" scenario?
We have a partner that usually helps with this stuff, but they are not returning my calls (I'll most likely drop them after this and get another partner). I'm just concerned that there might be an automated backup that might overwrite our previous one (or even worse an automated deployment that will prevent VPN access) by the time these guys respond to me.
Is there an easy way to reverse my stupid mistake, or do I have to do a full restore from backup?
11-14-2022 04:31 AM
A full FMC restore would get it back. Unfortunately there's no feature such as an "incremental restore" to get back only what was inadvertently deleted.
You could also rebuild it in FMC using the relevant sections of the running-config as your guide (show running-config webvpn, tunnel-group, group-policy etc.). Do a diff of the running-config text file before and after you redeploy to make sure you got everything.
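An added example, not part of the reply above: one way to do the before/after check is to compare only the remote access VPN blocks of two saved running-config text files, independent of block order. The `ip local pool` prefix, the function names and the sample config are assumptions made for illustration.

```python
import difflib

# Sections named in the thread; "ip local pool" is an added assumption.
RAVPN_PREFIXES = ("webvpn", "tunnel-group ", "group-policy ", "ip local pool ")

def extract_blocks(config_text, prefixes=RAVPN_PREFIXES):
    """Map each matching top-level line to its indented child lines."""
    blocks, current = {}, None
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line or line.startswith(("!", ":")):
            current = None  # separators and comments end a block
        elif line[0] != " ":
            current = line if line.startswith(prefixes) else None
            if current is not None:
                blocks.setdefault(current, [])
        elif current is not None:
            blocks[current].append(line.strip())
    return blocks

def compare_ravpn(before_text, after_text):
    """Report blocks missing from, added to, or changed in the 'after' config."""
    before, after = extract_blocks(before_text), extract_blocks(after_text)
    report = {"missing": sorted(set(before) - set(after)),
              "added": sorted(set(after) - set(before)), "changed": {}}
    for header in sorted(set(before) & set(after)):
        if before[header] != after[header]:
            report["changed"][header] = list(difflib.unified_diff(
                before[header], after[header], "before", "after", lineterm=""))
    return report

# Constructed sample; AFTER simulates a rebuild that lost one setting and one block.
BEFORE = """\
ip local pool VPN-POOL 10.10.50.1-10.10.50.254 mask 255.255.255.0
webvpn
 enable outside
group-policy GP-STAFF attributes
 vpn-tunnel-protocol ssl-client
 split-tunnel-policy tunnelspecified
tunnel-group RA-STAFF general-attributes
 address-pool VPN-POOL
tunnel-group RA-STAFF webvpn-attributes
 group-alias staff enable
"""
AFTER = (BEFORE.replace(" split-tunnel-policy tunnelspecified\n", "")
         .replace("tunnel-group RA-STAFF webvpn-attributes\n group-alias staff enable\n", ""))

if __name__ == "__main__":
    print(compare_ravpn(BEFORE, AFTER))
```

An empty `missing` list and an empty `changed` dict mean the rebuilt policy produced the same VPN blocks as the config saved before the redeploy.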
11-14-2022 02:14 PM
Thanks for the reply.
That, unfortunately, confirms my suspicions. Since I still haven't heard back from our useless Network partner.
I'll see if I can get a running-config and rebuild. Though the FMC rebuild might be less painful, assuming the Network guys have been doing regular backups...
11-14-2022 03:08 PM
If I were in your case, I would rebuild the RAVPN ASAP; that might be faster than waiting for your service provider. I think the only important things that you need are the certificate and the address pool, which are more likely not deleted and most probably still saved in your FMC. You just need to point to them in your configuration.