Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
10596
Views
0
Helpful
0
Comments

How to backup the configuration file on the PIX Firewall

TCC_2
Level 10
Level 10

‎06-22-2009 03:37 PM - edited ‎03-08-2019 06:09 PM

Core issue


It is a recommended practice to backup the configuration of the PIX Firewall for use in emergencies or for disaster recovery. But, the PIX does not support an external Flash card. The internal Flash does not support the backup of the configuration file. The configuration file must be saved externally.

Resolution

The PIX configuration file can be saved on a TFTP server or onto a floppy diskette.

In order to backup the PIX configuration file on a TFTP server, complete these steps:


  1. Install a TFTP server on a workstation and make sure that the services run. Take note of the IP address of the workstation.


  2. Configure the IP address of the TFTP server workstation and the path name on the PIX with this command:

    PIX(Config)#tftp-server interface_name IP_address filename

    Note: The interface name is optional and by default, an inside interface is assumed for version 6.x. IPv6 addresses can also be given in version 7.x.

  3. In order to backup the configuration on the TFTP server, issue this command:

    PIX(config)#write net

    The file is saved to whichever directory the TFTP server points to at the time the command is issued.
       

Example: In this example, a TFTP server runs on a workstation with the IP address of 192.168.1.5, and the filename is mybackup.

PIX(config)#tftp-server inside 192.168.1.5 mybackup

PIX(config)#write net

Note: When the tftp-server command and the filename are defined, every time the write net command is issued, the current configuration file is always overwritten.

In order to backup the configuration file and save a copy of every backup for future reference, do not define the TFTP server. Instead, issue this command:

  PIX(config)#write net tftp server IP : filename


In order to backup the PIX configuration file on a floppy drive (for version 6.x only):

If the PIX has a floppy drive, it is possible to save the file to an external floppy diskette. Issue the write floppy command in order to backup the configuration to a floppy diskette.

Not all PIX models have floppy drives. If the PIX does not have a floppy drive, it is necessary to use the TFTP server in order to save the configuration file.

Note: The PIX hardware model 520 supports a floppy drive.

Refer to PIX/ASA: Backup and Restore the Security Appliance Configuration Files Using TFTP Server for information on how to restore the backup configuration from the TFTP server.

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents