Copy ASA 5500 Config to backup Firewall

Unanswered Question
Matthew Warrick Wed, 10/08/2008 - 11:03
User Badges:

When you say "backup firewall" do you mean an offline firewall on a shelf or a properly configured and cabled failover partner?

Richard Burts Wed, 10/08/2008 - 11:30
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


There are at least 2 approaches to consider:

- a simple cut and paste. on the configured one do show running-config, copy the text into a text file, and on the backup on go into config mode and paste the config.

- use tftp to copy the running config from the configured one to a server (perhaps on your laptop or PC). Then configure the backup with an IP address (it is easier if you configure it in the subnet of the tftp server) and connect it so that it can communicate with the server. Use tftp to copy the config from the server to the backup.

The simple cut and paste works ok if there not shared key entries (like for VPN) or other values hidden in the text file. The tftp copy will be complete, including any key values, and should be used if you are not sure that the cut and paste will get everything that you need.




This Discussion