Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

SNMP ASA / PIX

Is there a possibility to read the firewall configuration over snmp and write it down to a tftp server? The customer has two firewallsystems and want to save the configurations daily to a tftp server. He has a linux server to provide the snmp and tftp services. The CSM is too big for this really little problem. For routers and switches exist a solution, named pancho.

4 REPLIES
Silver

Re: SNMP ASA / PIX

You need to put on the security hat for this.

TFTP is NOT secure. Furthermore, SNMP can not

what you want.

Why not use RANCID to do this? It is secure

and can be done over SSH

Community Member

Re: SNMP ASA / PIX

Thanks, this can be the right solution. I have tested this tool. The first device is polled and i get the config. But the config from the second device i can't get. The server has the ssh right's and the correct password. In the config directory the rancid process create the file name.new but this file has 0 byte. Can you help me?

In the logfile i see the following failure:

IP_ADDRESS clogin error: Error: TIMEOUT reached

IP_ADDRESS missed cmd(s):

Do you have any idea?

Thanks!

Community Member

Re: SNMP ASA / PIX

Depending on how many devices you are looking to backup I would suggest a product called Device Expert. We purchased it about a year ago and it works great.

It is very reasonably priced as well, $795.00 for up to 25 devices. It has alot of very nice features as well.

http://manageengine.adventnet.com/products/device-expert/

Thanks,

Joe

Silver

Re: SNMP ASA / PIX

I have to disagree with you on this. Why

pay for something when you can get it for FREE?

RANCID is the best tool, bar NONE. It can even

backup Unix DNS, sendmail configuration and

Checkpoint Secureplatform firewalls. You can

backup >1000 devices with RANCID on either

gentoo or redhat linux box. A very scale

solution.

Can Device expert do that?

188
Views
0
Helpful
4
Replies
CreatePlease to create content