The purpose of this document is to provide guidance on configuring ACS 5.x to take backup of its configuration data. It is highly recommended that you you backup the ACS 5.x configuration data in timely fashion in order to restore the same backup if ACS 5.x crashes, or, if you need to build a new system from scratch.
Types of Backup
There are 2 types of backups that you can create on ACS 5.x
1. One time backup - This will create a backup on the repository immediately. For a primary instance, you can back up the following:
[a] ACS configuration data only
[b] ACS configuration data and ADE-OS configuration data
For secondary instances, ACS only backs up the ADE-OS configuration data.
2. Scheduled backup - You can schedule backups to be run at periodic intervals. You can schedule backups from the primary web interface or through the local CLI. The Scheduled Backups feature backs up ACS configuration data.
The first step towards taking backup on the ACS 5.x is to create a repository that will specify the protocol and the location where the backup has to be stored. In case you already have a repository configured on the ACS 5.x then you can skip to the backup creation section.
Create a repository
Repositories are required to be configured on the ACS 5.x to export and import data. To create, duplicate, edit, or delete a software repository:
Choose System Administration > Operations > Software Repositories. Click on Create to create a new repository.
Complete the fields in the Software Repositories Properties Page. Following are the protocol choices that you have.
ACS 5.x Repository Configuration Protocol Information
The name of the protocol that you want to use to transfer the upgrade file. Valid options are:
DISK—If you choose this protocol, you must provide the path.
FTP—If you choose this protocol, you must provide the server name, path, and credentials.
SFTP—If you choose this protocol, you must provide the server name, path, and credentials.
TFTP—If you choose this protocol, you must enter the name of the TFTP server. You can optionally provide the path.
NFS—If you choose this protocol, you must provide the server name and path. You can optionally provide the credentials. If you choose this protocol, make sure that ACS has full access to the NFS file system. You must have read-write and allow root access permission on the NFS file system.
3. Click Submit.
Here is a screenshot of repository configuration page:
Create a one time backup
1. Choose System Administration > Operations > Distributed System Management.
2. From the Primary Instance table or the Secondary Instances table, select the instance that you want to back up and click Backup.
You can select only one primary instance, but many secondary instances for a backup.
3. Enter a filename prefix to which ACS appends the backup time stamp. Then click Select to open the Software Update and Backup Repositories dialog box, from which you can select the appropriate repository in which to store the backup file.
There are 2 backup options while taking the backup of the primary instance. Secondary only takes ADE-OS backup.
Backup Options (only applicable for primary instances)
ACS Configuration Backup
Click this option if you want to back up only the ACS configuration data.
ACS Configuration and ADE-OS Backup
Click this option if you want to back up both the ACS configuration data and the ADE-OS configuration data.
Select the backup option that you want and click Submit.
Create a scheduled backup
You can create a scheduled backup only for the primary instance. To create, duplicate, or edit a scheduled backup:
2. Provide a Filename, Repository, and the schedule at which the backup should be taken. Avoid scheduling the backup at mid-night, as there are other scheduled jobs that are run at mid night by ACS 5.x automatically.
Hello, We are planning to send the Cisco FTD logs to an external Syslog server. But the server team informed that the logs should be in CEF format. What is the default syslog format used by Cisco FTD?. Does it support CEF format?. Thanks Sh...
Greetings all,I inherited a VSOM environment that is in a suboptimal state and I'm looking for pointers to get it back in order. This was an old install base originally deployed on 7.6 (or thereabout) and running 7.11 when I took over. I upgraded to 7.14....
Hi Everybody, I have a need to create a tunnel from an office with a dynamic IP to our main data center with static IPs. Looking at the directions below, it says "The information in this document is based on Cisco ASA (5510 and 5520) Firewall Softwar...
ISE 3.0 patch 49200 Catalyst switch XE 7.3.1Wired guest portal issue. Redirect isn't working - Test Guest portal on ISE work successfully- Live logs and switch port shows ISE sending the redirect URL successfully- IPDT is configured on the swit...
I observed whenever “Inline Result” generated “would have dropped” action , traffic processed by the IPS Policy ( INTPOL-01v1 from the Image ) which is called at Advanced Section of Actual Policy ( Perim-01 1st Image ). Even though “...