Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2270
Views
10
Helpful
3
Replies

Restoring ASA Backup in Active / Failover

Go to solution
TW80CJ5
Level 3
Level 3

‎07-28-2020 04:53 PM

Good Evening..

 

We are needing to restore our Active ASA to an earlier date in an Active / Failover setup. They are both ASA 5545X's running ASA 9.14(1).

 

What are the best practices in doing so? We have one folink between the two ASA's.

 

Should we disable the link between the two ASA's and restore from backup on the Active ASA, then restore link?

 

Thoughts / Suggestions?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to TW80CJ5

‎07-28-2020 07:44 PM

When i was saying diff i meant:
-export the actual config
- compare it with the previous config
- remove all new added config and/or add back old config.

This way you can work on standby and then make it primary when changes are done and finally write memory.

If you want to restore using a config file, you'll need another procedure, like breaking the HA, restore the file and build back the ha. Here you can remove ha on both and when you put back ha, you'll need to make sure the one who received the old config is the primary to force the other to fetch the config.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

3 Replies 3

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎07-28-2020 06:46 PM

Hi

What do you mean by restore?
Usually restore is meant for a disaster recovery because restore packages includes certificates and other bunch of files.
If you want to revert back to a previous config, why not doing a diff and adjust the config accordingly?

You can do the change on standby, once you're done, make it as primary and save the config (it will write it to the secondary which will be the old primary.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Go to solution
TW80CJ5
Level 3
Level 3
In response to Francesco Molino

‎07-28-2020 07:06 PM

We are wanting to restore back to an older config on the primary asa. Unfortunately we made some config changes and need to revert back. This is not in production and need to establish a procedure for operations anyways.

 

Can you elaborate" "If you want to revert back to a previous config, why not doing a diff and adjust the config accordingly?"

 

I will try your method described tomorrow in the lab.

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to TW80CJ5

‎07-28-2020 07:44 PM

When i was saying diff i meant:
-export the actual config
- compare it with the previous config
- remove all new added config and/or add back old config.

This way you can work on standby and then make it primary when changes are done and finally write memory.

If you want to restore using a config file, you'll need another procedure, like breaking the HA, restore the file and build back the ha. Here you can remove ha on both and when you put back ha, you'll need to make sure the one who received the old config is the primary to force the other to fetch the config.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card