Cisco Firewall :: ASA 5520 Configuration Backup With Archive?

Nov 15, 2011

On our cisco 3750 switches we can take config backups with the archive command. After every "write mem" it rights the config to our backup server. We would like to do this also for our asa 5520 with version 8.2(2). I also searched in the command reference guide, but I can't seem to find the proper command to do it.

View 2 Replies


ADVERTISEMENT

Cisco WAN :: 5520 / Backup Internet Link Configuration

Dec 14, 2012

i have two internet links each of which from different ISP and different real ip addresses.Want to make the second backup internet work for Internal and external (AnyConnect) users.
 
my question:  is that applicable to register single A record with different real ip addresses? and also is the AnyConnect method the best solution for them?
 
note: i have single firewall 5520 behind the cable modems.

View 3 Replies View Related

Cisco Firewall :: ASA 5520 Inbound Traffic On Backup ISP Connection

Nov 3, 2011

I have a client that has an ASA 5520 that has two internet connections, FIOS and Comcast.  The ASA is configured to failover from the FIOS to the Comcast if the FIOS fails.  This works perfectly fine.  However, I was wondering if VPN and other inbound traffic will come into the secondary connection when it is active.  I think VPN will work inbound when the FIOS connection fails, but I am not sure about the other inbound connections. 

View 1 Replies View Related

Cisco Firewall :: ASA 5505 Backup ISP Configuration

Jun 13, 2011

I'm having problems configuring an asa 8.2(1) with a backup isp.  I followed the asdm instructions in this document: [URL]
 
I have my backup interface configured as DHCP and the static routes set. Pinging the gateway and other external IP address from the backup interfaces works normally. I have also tried configuring the backup interface as a static address but got the same results.
 
When removing the primary wan link, all traffic stops. When I ping a external DNS, I get these errors in the log: portmap translation creation failed for udp src inside: 192.168.13.23 dst backup:208.67.222.222_type 8, code0)
 
I though this type of error is related to a NAT problem, not sure where to look though.

View 4 Replies View Related

Cisco Firewall :: Asa 5520 / Configure Two Static Nat Statements From Inside To Outside And Backup Interface?

Oct 16, 2011

I have a asa 5520 with an outside and backup interface. I am trying to configure two static nat statements from the inside to the outside and backup interface. Here is what I have configured so far.

object network obj-10.1.1.254
host 10.1.1.254
object network obj-10.1.1.254
nat (inside,outside) static 172.25.10.3
 
I want to also use nat (inside,backup) static 172.25.10.3

View 3 Replies View Related

Cisco :: LMS 4.2 Configuration Archive Fails?

May 3, 2012

I have a not-so newly installed LMS4.2 Linux appliance. Here is my configuration archive summary:
 
Config Archival Status
No. of Devices
Successful 7 Failed 1338 Partially Successful0 Total1345 Configuration Never Collected 1338  

[Code].....
 
Which seems to mean that SSH does not work, which is false as I manually connects to the device from the LMS host successfully. Network devices access is authenticated against ACS servers using TACACS+ so there should be no problem with credential discrepency here.

View 1 Replies View Related

Cisco :: Configuration Archive Sync (LMS 4.0.1)

Jun 21, 2011

I have a question about a daily archive sync job. I have the job set to run by device type groups. My question is, when I delete or add devices, will they automatically be added to the job?

View 1 Replies View Related

Cisco Firewall :: ASA 5505 - Backup ISP Link Configuration?

Jan 28, 2013

I'm working on setting up a backup link for our ASA 5505 and I've followed these directions:  [URL]
 
The backup ISP gives us a dynamic address, however, when I enable the backup ISP's interface on the ASA, my vpn tunnels drop. As soon as I disable the backup interface, the tunnels come back up. I'm attempting to configure this across one of these tunnels, so obviously this is an issue, as is the fact that other people need the tunnels as well. I'm not sure what I did to make this happen, but I've been over the config many times and can't see anything different from the instructions in the link above.
 
I thought it might be trying to route traffic across the backup interface, but my primary interface is tracked and has SLA running on it, so I would assume it wouldn't roll over onto the backup interface.

View 1 Replies View Related

Cisco Firewall :: Best Practice For Log Configuration And Backup In ASA5505

Feb 20, 2011

I like to take log backup in ASA.. and i like to check whether any attack pattern is there?? how could i do this...?Also how could i do a best practise for this?

View 12 Replies View Related

Cisco :: 3750 / Configuration Archive Job Times Out (LMS 4.0)?

Oct 13, 2011

I've inherited a server running Ciscoworks LMS 4.0 to manage our plethora of switches. Running 'Configuration > Configuration Archive > Synchronization' against a Catalyst 3750 switch called switch1 successfully retrieved the Running, Startup, and VLAN configs.Running the same command the following day on switch1 failed and returned this in the job execution result:Unable to get results of job execution for device. Retry the job after increasing the job result wait time using the option:Admin > Collection Settings > Config > Config Job Timeout Settings I modified the job result wait time setting to be 600 seconds, tried again and received the same timeout failure. I have also seen this same Failed message on other devices, but have never actually received the configs for them, so I feel switch1 is a better place to start.What are the first things I should check in CiscoWorks for a problem like this? Is there a particular software revision I should be on with LMS 4.0? What timeout value should be used for Archive Synchronization?

View 1 Replies View Related

Cisco Firewall :: ASA 5520 Vpn Configuration?

Oct 10, 2012

I must create a point-to-point vpn connection with two firewall cisco asa by using certificates.  Do i have to buy 2 separate certificates or one is enough? 

View 3 Replies View Related

Cisco Firewall :: SSH In ASA 5520 Not Working Even With All Configuration In It

May 3, 2013

I am having a wierd case, where in i have a 5520 and i am not able to ssh into that firewall. When did a capture on that firewall it shows my connection is getting reset as soon as i try to ssh into the box. Given below is the config for ssh into the firewall.

!
ssh 10.252.253.0 255.255.255.0 inside
ssh 10.114.255.240 255.255.255.255 inside
ssh 169.2.162.75 255.255.255.255 inside

[Code].....

View 3 Replies View Related

Cisco Firewall :: ASA 5520 Configuration For ASDM?

Jul 13, 2011

My ASA confi are as follows. i cant to do use ASDM, HTTP, Telnet from my local interface and ip 192.168.0.46 &14.My ASDM is ok as i can connect other ASA. what mismatch here i cant understant.
 
hostname ciscoasa
 enable password DtMryzGjBATmCElZ encrypted
 passwd 2KFQnbNIdI.2KYOU encrypted
 names
 dns-guard

[code]....

View 5 Replies View Related

Cisco Firewall :: ASA 5520 NAT And DMZ / Inside Network Configuration?

Jan 27, 2013

I am trying to configure a server(192.168.5.50) in DMZ(192.168.5.0/24) to be able to communicate with a domain controller(10.5.44.220) in the inside network(10.5.44.0/24). I made some configuration using ASDM(not familiar with the CLI) but not working and it caused existing NAT not to work, for example RDP(TCP 3389) connection to 38.96.179.220
 
The things I am trying to achieve are
 
1. two way commucation between 192.168.5.50 in DMZ and 10.5.44.220 in Inside for SecureAuthPorts and SecureAuthOutbound service groups

2. NAT for 192.168.5.50 mapping 38.96.179.50 for the service groups mentioned above

3. NAT for other hosts already existing

View 2 Replies View Related

Cisco Firewall :: ASA 5520 Email Alert Configuration

Apr 26, 2010

I am trying to setup email alert on our ASA 5520 so that i can receive emails to my exchange account below is the configuration [code] The smtp server is in our internal network.first i am not able to ping 172.17.1.12 as ping is blocked.i did this confgi like two days before..but ca see alerts and error messages through asdm but no mail is  coming in.

View 5 Replies View Related

Cisco Firewall :: Export Configuration From ASA 5510 To ASA 5520?

Oct 14, 2012

I have new ASA 5520 units currently we are using ASA 5510... I have to migrate all the configuration to the new ASA 5520 units....I am wondering is there a possible way to export and import certificates from ASA 5510 to 5520....
 
how to export or copy all the configurations, plug-ins, certificates from 5510 to 5520.Existing configuration snapshot...CA certificates from third party installed for authentication and identity certificate from Verisign

WebVPN
Anyconnect
Plug-ins
IPSEC tunnels
NAT

View 1 Replies View Related

Cisco Firewall :: Multi Context Configuration On ASA 5520

Jan 29, 2012

I am trying to configure multi context on the 5520 ASA , how can i configure 1 outside and 1 inside for the 2 context or how to configure both outside from the same subnet and insides also from the same subnet , i did the below configuration but didn't work . [code]

View 4 Replies View Related

Cisco Firewall :: ASA 5520 SSL VPN LDAP Authentication Configuration Required

Oct 16, 2012

I've gotten to the point where I can test against active directory and get in, also I can get AD groups from my server on the ASA. My problem, I can't connect in via my AnyConnect client on my Android. I immediately get a "log in failed" and I know I'm using the right username/pass. Doing a little troubleshooting, I have attached my AnyConnect debug log and the results of the "debug ldap 255" command on the ASA. Also, I've used ldp.exe to determine I can connect in with the username/password combo I'm using.Combing through the AnyConnect logs I see a few instances of "global error unexpected" but no Google searches have brought up anything useful.

View 7 Replies View Related

Cisco VPN :: 5520 Feature That Allow To Have Backup VPN Tunnel On At Secondary ISP

Oct 8, 2011

My question is very simple is there any way or feature that could allow us to have a backup VPN tunnel on at the secondary ISP at the asa 5520? Lets assume if the primary isp goes down is there any way for  the VPN tunnel come online at the backup isp ? [code]

View 2 Replies View Related

Cisco :: Backup Configuration On LMS 4.2

Nov 21, 2012

1)how can i backup the configuration on cisco lms 4.2 and to re-imported later when i re-install the lms 4.2
  
2)how can i change the admin password on cisco lms 4.2

View 3 Replies View Related

Cisco AAA/Identity/Nac :: Backup Configuration On ACS 5.2?

Jun 8, 2012

How to backup the configuration on cisco acs 5.2 and how to restore it , if some thing wrong happened

View 7 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.x / How To Backup Configuration

Mar 10, 2013

Cisco ACS 5.x appliance?How to back up Config?What is best way, via TFTP? COPY Startup-config tftp:?COPY Running-config tftp:?I currently use Solarwinds CatTolls to back my Cisco Switches, can I use this for Cisco ACS also?

View 3 Replies View Related

Cisco :: LMS 4.2 Backup Configuration Of Devices

Nov 29, 2012

How to backup the configuration of Cisco devices managed by LMS 4.2 and store it in Folder , than restore it once it need it

View 10 Replies View Related

Cisco Switching/Routing :: How To Backup The Configuration Of ACS 5.3

Mar 15, 2012

how to backup the configuration of ACS 5.3 then restore it on the secondary ACS 5.3 Appliance in order to save time without configure the 2nd Appliance?

View 1 Replies View Related

Cisco Wireless :: Backup Configuration On WAP 5508?

Feb 5, 2013

how to backup a Cisco Wireless Access Point Controller 5508.

View 2 Replies View Related

Cisco :: Backup Of Configuration From Nexus Switches 5K And 7K

Dec 4, 2012

I'm busy on configuring the backup of the configuration from Nexus switches 5K and 7K.I have installed COPSSH on my windows server and try to confiugre the sftp credentials. [code] I have tested from the CLI from the switch and i have the issue but if i use the default vrf 'default' it works fine.How can i change the command sent by DCNM to the Nexus in order to specify vrf default and not vrf management ?

View 1 Replies View Related

Cisco :: LMS 4.0.1 - Device Configuration Auto Backup

Mar 6, 2012

Is it possible to create a job what automatically export the devices configs that are in the folder CSCOpxfiles medemushadow? It would be wonderdul if CW could export the .cfg files into a .rar and send in email or something like this.

View 1 Replies View Related

Cisco :: 5508 - NCS Configuration Backup And Restore Of WLC

Jan 10, 2012

I recently tested the process for a customer of defaulting a Cisco WLC to factory configuration and then restoring the configuration from Cisco NCS.  It was not seamless to say the least and I wonder if I have just gone about it the wrong way. 
 
Have have set the NCS platform to configuration sync with the 5508 controllers at 04:00 every day and prior to the controller defaulting I ensured that NCS also reported that the config was in sync. I have also set NCS to complete a tftp backup of the controller every night 23:00 - interestingly though I have no idea where this is stored on the NCS platform ( a VM appliance ) or what it's file name is.
 
Anyway my experiences where as follows:-
1.  defaulted WLC and via serial CLI ended up at the configuration wizard.
2.  Set the correct LAG, management IP, host name that NCS knew this controller by.
3.  To test things just created a dummy WLAN ( SSID ) as I assumed this would be overwritten ( big mistake ! ). 
 
At this point I connected the controller to the network and tried to restore the configuration from the config sync version.

First problem - you have to remember to set up the SNMP community string you were using as it is needed by the configuration sync process.  After adding this to the controller I could push the configuration to the controller.

Second problem - failed to add the first WLAN from the backup as I have added the temporary dummy W LAN via the wizard and NCS reported a conflict.  So had to delete WLAN ID 1 from the WLC GUI directly and then the config push no longer reported this error.

Third problem - for some reason did not add the TACACS server details - reported the error that it could not added them.  I manually added these via a template via NCS and all was well. 

Fourth problem - all but the first WLAN was in the disabled state - had to re-enable all of the WLANs. 

Fifth problem - any default items I had disabled or removed have not been saved - therefore I have removed the public and private SNMP communities - but these were still on the WLC after the restore.  I have disabled unused ports not in the LAG as they show an error in NCS - these where not disabled after the restore.
 
So all in all not a very satisfactory restore process from NCS to an defaulted WLC ( meant to simulate to the customer what would be needed if they had to replace a controller due to hardware failure ).

View 1 Replies View Related

Cisco :: User Privilege Level For Configuration Backup With PI 1.2

Feb 15, 2013

We have more than 50 devices handling by PI 1.2 (testing) I like to know how to do configuration archiving with user who doesn't have write privilege.
  
I tried like this.
  
username john privilege 6 password cisco privilege exec level 6 show running-config
  
(result) show run --> blank
 
  I tried this user with one of switch in PI 1.2. It did not do configuration backup
 
username inout password inout username inout privilege 15 autocommand show running-config
  
(result) once logged in, it automatically showed running-config. However when I tried with PI 1.2 with this user (inout). I couldn't do configuration back.
 
reference [URL]
  
create certain user with read-only privilege while PI 1.2 is able to do configuration archiving ?

View 0 Replies View Related

Cisco VPN :: ASA 5505 Backup Configuration To TFTP Server?

Oct 4, 2011

Is there a way to backup the configuration file to a tftp server? I've tried "copy start tftp" and copy run tftp". No luck, I get an error message.

View 1 Replies View Related

Cisco :: LMS 4.2.1 - Backup Configuration Of WS-C4503-E Version Cat4500e

Oct 11, 2012

I have a Cisco LMS 4.2.1 on a Windows 2008 Server R2 platform and I would like to backup the configuration of my WS-C4503-E version cat4500e-universalk9.SPA.03.03.01.SG.151-1.SG1I create the job in Configuration > Configuration Archive > Synchronization and after the execution of the job, I check th status in Admin > Job > Browser: I don't know why the archive doesn't exist. It's a newly install.

View 2 Replies View Related

Cisco Application :: ACE-20 Module - Automated Backup Of Configuration

Feb 4, 2010

I am currently stuck to setup an automated configuration backup for ACE Blades. I found a script to backup the ACE from the Cisco ANM box but unfortunately I am not very familiar with Linux. (script) in place, to "pull" the ACE config from a Microsoft system ?
 
System State:
ACE IOS A2.(1).5

View 2 Replies View Related

Cisco Switching/Routing :: 2960G Don't Have A Backup To Configuration In PC

Dec 30, 2011

I have 2960G that in rommon status.I need that the switch work in 0x2102 (regular mode).I don't have a backup to configutratuio in my PC.I do wr before the switch go to rommon (startup config).What to do in order to the switch will be in 0x2102 (regular mode) with the same configuration( before the switch go to rommon)?

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved