Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Have you already looked at the Cisco doc that describes the process?http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008072142a.shtmlIf you need to automate it, there are suggestions in the Cisco doc for that. Otherwise ...
Yeah, you can back it up via TFTP without an authentication challenge - that's not a problem. You can even build an ACL to limit the IP addresses that can perform a TFTP GET against the ASA (to pull the config). There are a number of scripts and tool...
I'm using an Expect script from a linux host that leverages SSH and SCP. Feel free to look at it here:http://paklids.blogspot.com/2012/01/securely-backup-cisco-firewall-asa-fwsm.htmlI usually kick off the expect scipt to add some other fancy features...
