Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2941
Views
0
Helpful
3
Replies

SCP the ASA running-config to remote server

khinze
Level 1
Level 1

‎06-09-2008 08:38 AM - edited ‎02-21-2020 02:03 AM

I would like to replace tftp with scp. Since you cannot do a "copy run scp" on the ASA, I'd like to scp the ASA's system:running-config to my server I store backups on. The ASA also does not recognize the (/) character so I cannot "scp user@asa:system/running-config" and "scp user@asa:system:running-config" causes problems for scp.

How are others securely (i.e. not TFTP) backing up their configurations?

Can use expect, but rather keep it simple as possible.

Thanks,

0 Helpful
3 Replies 3

cisco24x7
Level 6
Level 6

‎06-09-2008 09:01 AM

Use RANCID for backing your configuration.

RANCID can use ssh so it is very secure.

0 Helpful

khinze
Level 1
Level 1
In response to cisco24x7

‎06-09-2008 09:26 AM

Thank you for your reply.

I have looked at RANCID but haven't gotten buy off yet to install/use it.

I was hoping to find an easy solution in the interim.

0 Helpful

Farrukh Haroon
VIP Alumni
VIP Alumni
In response to khinze

‎06-09-2008 06:16 PM

The ASA has built-in commands to do this, but still uses TFTP. Maybe you can encrypt the TFTP traffic generated on the box (Just an idea, never tried it).

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mswlicfg.html#wp1063700

Also there is a better formatted script here:

http://6200networks.com/2008/02/06/using-a-script-to-back-up-asa-configuration/

Regards

Farrukh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card