Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

WSA configuration sync

Hello

I have two WSA appliances and I want to make automatic configuration synchronization with script.

So here is my question. When I load configuration to secondary appliance, do I have to load whole configuration or I can only load the xml file with sections that are different to the previous configuration.

For example I have two config files:

-wsa1_config.xml

-wsa2_config.xml

And the only difference is that I have added another user in wsa1_config.xml. That would result in new section in wsa1_config.xml

  <users>

    <user>

      <username>test_user</username>

      <fullname>Test User</fullname>

      <group>admin</group>

      <enc_password>encrypted_password</enc_password>

      <date_range>current_day</date_range>

      <display_rows>10</display_rows>

      <landing_page></landing_page>

      <language>en-us</language>

    </user>

  </users>

Can I create diff.xml with the following data in xml and load this config to secondary wsa server?

<config>

  <users>

    <user>

      <username>test_user</username>

      <fullname>Test User</fullname>

      <group>admin</group>

      <enc_password>encrypted_password</enc_password>

      <date_range>current_day</date_range>

      <display_rows>10</display_rows>

      <landing_page></landing_page>

      <language>en-us</language>

    </user>

  </users>

</config>

Will this procedure add only new user to secondary appliance or it will delete the whole configuration?

  • Web Security
2 REPLIES
Cisco Employee

Re: WSA configuration sync

Preferably, use a SMA to manage the config on multiples WSAs.

If you load the complete file, you will have problems with IP addressing.

Load partial files or editing the config file is not officially supported.

I personally did not test loading partial config files in a WSA. If you try to load it does it return an error? I can give it a try and let you know later today.

Sent from Cisco Technical Support iPad App

New Member

WSA configuration sync

I took configuration from wsa1, deleted part of the configuration that I knew it didn't change, changed IP addresses and upload only partial config file.

It was loaded without issues and configuration changes were applied to the wsa2. So it looks like it works to load and change only part of the configuration files.

I know that SMA could be used to manage configs on multiple WSAs, but I believe this is kind of overkill for SMB organizations with only 2 WSAs.

Best regards

384
Views
0
Helpful
2
Replies
This widget could not be displayed.