This Article explain way to back and restore configuration of ASA running on Firepower 2100 series platform. When you run ASA on Firepower 2100 platform, you have two software, FXOS and ASA on the platform. You need to backup config on both software. As on ASA 9.8.2, you can backup ASA config using Copying "show running-config". FXOS needs manual configuring.
Backup ASA Configuration:
ASA Configuration can be backup with any one of below items.
1) Copy running-config ftp:/scp:/smb:/tftp: (Copying ASA running configuration to ftp, scp, SMB, tftp, through Management or any of data interfaces)
2) Copy startup-config ftp:/scp:/smb:/tftp: (Copying ASA running configuration to ftp, scp, SMB, tftp, through Management or any of data interfaces)
3) Simply copy (show running-config) and paste to text file
Restoring ASA Configuration:
Restoring ASA config to ASA can be either of below steps.
1) Simply copy past ASA config file on ASA console/Terminal.
2) Copy ftp:/scp:/smb:/tftp: running-config
FXOS Configuration Backup & Restore:
Since FXOS on FP2100 doesn't have backup option, all configurations need to be noted down manually. "show tech-support fprm" can be also used, which have some of below configuration. You may use FCM Firepower Chassis Manager or FXOS CLI to configure below parameters.
Firepower Chassis Manager: https://<FXOS-IP>
Management IP address for FXOS: firepower-2110#Scop fabric-interconnect a firepower-2110 /fabric-interconnect #set out-of-band static/DHCP
DNS Config: firepower-2110#Scope system firepower-2110 /System#Scope Services firepower-2110 /system/services # create dns
We have a Cisco ASA5545 running IOS 9.1. ASA currently has over 500 active ikev1 tunnels to different partners. We will like to enable ikev2 on the box while keeping all our ikev1 tunnels active with no service disruption. kindly assist with steps to take...
Hi,I have a ASA setup with 2 IPSEC VTI tunnels to the same remote site. I like to check if it may be possible to perform ECMP for outgoing and incoming traffic thru the VTI tunnels? The setup is a single ASA to a ios router on 2 x IPSEC VTI tunnels ...
I have a setup with 4 HA pairs of FTD's in the FMC Global domain all running 6.6.4.x. We intend to deploy many more, so have decided we need to segregate access based on geo-location of the FTD's. So I need to create new subdomains for the new FTD's aroun...
Hi, We want to implement a security on router and want to block all incoming traffic to router (from outside) but want to allow all traffic from inside. Please let us know how can we do this. Please let me know if need any more info. ...
We have a customer who uses the AnyConnect VPN software to connect to their database and have come up against an issue where the software does not work when the users are in the office. They have advised that they believe this is down to the fact they use...