Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

SCP the ASA running-config to remote server

I would like to replace tftp with scp. Since you cannot do a "copy run scp" on the ASA, I'd like to scp the ASA's system:running-config to my server I store backups on. The ASA also does not recognize the (/) character so I cannot "scp user@asa:system/running-config" and "scp user@asa:system:running-config" causes problems for scp.

How are others securely (i.e. not TFTP) backing up their configurations?

Can use expect, but rather keep it simple as possible.

Thanks,

3 REPLIES
Silver

Re: SCP the ASA running-config to remote server

Use RANCID for backing your configuration.

RANCID can use ssh so it is very secure.

Community Member

Re: SCP the ASA running-config to remote server

Thank you for your reply.

I have looked at RANCID but haven't gotten buy off yet to install/use it.

I was hoping to find an easy solution in the interim.

Re: SCP the ASA running-config to remote server

The ASA has built-in commands to do this, but still uses TFTP. Maybe you can encrypt the TFTP traffic generated on the box (Just an idea, never tried it).

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mswlicfg.html#wp1063700

Also there is a better formatted script here:

http://6200networks.com/2008/02/06/using-a-script-to-back-up-asa-configuration/

Regards

Farrukh

2159
Views
0
Helpful
3
Replies
CreatePlease to create content