10-11-2011 03:08 AM
I have a Cisco ASA 5505 as a BOVPN endpoint using certificates. The config is complete and I now need to back it up and restore to a cold standby Cisco ASA 5505 that will sit on the shelf until something goes wrong.
Problem is I cannot restore my certifcates to the standby.
Can someone point me to a process please.
I have tried the backup and restore wizard in ASDM and to be honest it didn't work.
Please help.
Thanks,
10-11-2011 06:16 AM
Martin,
Wouldn't it be simpler to put the two in failover for a few minutes (sync is done automatically on bulk sync).
Otherwise I can suggest to export the certificate in PKCS12 (cert + RSA) from active unit and import it into the "standby".
Active:
ciscoasa(config)# crypto ca export TEST pkcs12 cisco123
Standby:
ciscoasa(config)# crypto ca import TESTBLA pkcs12 cisco123
Marcin
10-11-2011 06:37 AM
Failover is a good idea. how can I ensure it syncs in the right direction?
I'm not sure if my base license on the ASA allows for failover. I'll have to check.
I probably should have it set up like that as I build them any way.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide