02-06-2023 08:58 AM
According to the WSA document, quoted below:
Do not take backup (snapshot) of the virtual appliance using VMware or any other third-party tools, or
restore a virtual appliance from a snapshot. Alternatively, you can take backup of the configuration using
the System Administration > Configuration File menu in the user interface or using the saveconfig
CLI command. You can then load it on another spawned virtual appliance.
I can only backup the configuration and I assume if the appliance went down, I would have to spin-up a new appliance to restore the configuration backup. But why?
Is there a way to do appliance level backup and restore with the v14.5 WSA?
Solved! Go to Solution.
02-06-2023 09:07 AM
02-06-2023 09:07 AM
02-06-2023 09:45 AM
Okey, good to know. But feels like the WSA/ESA AsyncOS is somehow band-aided and outdated over the years from feature set perspective...
02-06-2023 09:55 AM
02-08-2023 12:54 AM
Hello @SIMMN
WSA has a feature for failover, which one WSA went down the other WSA will be in production (Using the Common Address Redundancy Protocol (CARP)
in case if you want both Appliance are holding same configuration you might need to back-up and restore manually or simple use SMA for central configuration and management
steps for adding failure has been covered in USerGuide :
also I believe it could be nice if you take a look at this link to have this feature works properly on a Virtual WSA:
Ensure Proper Virtual WSA HA Group Functionality in a VMware Environment - Cisco
regarding cloning a virtual machine and keeping it as Failover, you still need some manual configuration, when one WSA is down, and also it is not recommended.
on the other hand there are couple of actions which I am just listing here, you might be interested in them, which are related to load balance and failover
[1] you can use Transparent deployment, hosting two or more WSAs, then let the router decide when any device is down and not sending the traffic to that WSA
[2] using PAC file and configuring both (or more) WSA's as proxy server there. (in this case there will be delay till browser makes the decisions to mark first proxy as down and redirect traffic to another WSA for all new sessions- it depends on the browser )
Regards,
Amirhossein Mojarrad
+++++++++++++++++++++++++++++++++++++++++++++++++++
++++ If you find this answer helpful, please rate it as such ++++
+++++++++++++++++++++++++++++++++++++++++++++++++++
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide