Cisco FireWall Backup and Restore to

Hello,

we have a Cisco PIX 525 and we recently acquired another for backup purposes.

Now i would like to restore the Config onto the spare PiX.
i know they both have different image version.
Can i Backup the Image from  Production PiX and Restore it onto the Spare PiX
what is the simplest way of achieving identical settings on the spare, so it is simple question of replacing the production one if it fails in future.

Thanks in advance
icdl101Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
InfamusConnect With a Mentor Commented:
Yes.

First you need to configure IP on the LAN interfacce of secondary PIX.

I wouldn't plug in secondary PIX on the production network, I would just give it temp IP first. (192.168.1.1/24)

pixfirewall1#copy flash TFTP
Address or name of remote host [127.0.0.1]? 10.1.1.15
Source file name [cdisk]?pix611.bin (name of the image file)
copying tftp://10.1.1.15/pix611.bin to flash
[yes|no|again]?yes

Plug in your laptop (TFTP server) and configure NIC IP to same subnet as secondary PIX.
(192.168.1.101)

pixfirewall2#copy tftp flash
Address or name of remote host [127.0.0.1]? 192.168.1.101/24
Source file name [cdisk]?pix611.bin
copying tftp://192.168.1.101/pix611.bin to flash
[yes|no|again]?yes

reload
0
 
InfamusCommented:
If you have two PIX, I would suggest configure them as primary and secondary for failover.

Here's the instruction.

http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/failover.html
0
 
InfamusCommented:
If you still want the second PIX as spare in case the current PIX fails in the future, you will need to have BOTH devices have same software version installed.

Here is how to backup and restore using TFTP server.


1.Backing up to TFTP server (10.1.1.15)

pix#copy running-config tftp
Address or name of remote host []? 10.1.1.15
Destination filename [pix-confg]? backup_cfg_for_pix (assign file name)

2.Restore from TFTP server

pix#copy tftp running-config
Address or name of remote host []? 10.1.1.15
Source filename []? backup_cfg_for_pix (same name you assigned when you backup)
Destination filename [running-config]? <enter>

write mem
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
icdl101Author Commented:
i cannot use as a primary and secondary failover as i do not have the necessary add on cards for the Spare.

Thanks for the Config Step by Step.

How about the image version can i backup image from the Production Firewall and and copy it to the Spare ?
0
 
icdl101Author Commented:
thanks perfect.

Does the PiX support  copy flash to USB command ?
0
 
InfamusCommented:
I believe so, does it have USB port?

Try dir and look at the result.
0
 
icdl101Author Commented:
The USB port on the PIX Firewall is a dummy port.
 It can not be enabled because it does not perform any function.
It is reserved for future use.
0
 
icdl101Author Commented:
Thank you for your prompt and precise answers
0
All Courses

From novice to tech pro — start learning today.