backing up cisco configs

hey guys,

we have cisco switches and firewalls at various locations. What can i use to automate to backup configs of all from one central location?
Who is Participating?
rharland2009Connect With a Mentor Commented:
Okay, fair enough.
Here's a similar product - also owned by Solarwinds - that one of my colleagues has used for many years to automate all backups. It works like a charm and starts at $750 USD.
I've used Solarwinds' Network Configuration Manager for some time on both Cisco and non-Cisco routers/switches/firewalls with good success. It's not free, but it does a great job, provides reporting, and also can automate firmware updates and other useful things.

You can download a free, fully-functional 30-day trial and try it on for size.
Cobra25Author Commented:
That looks great, but 2700$ is very steep! I should've specified cost effective :)
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

You can use free solution. Cisco devices support kron tab configurations.
Install a free TFTP server and in all your network devices configure below configuration:

conf t

kron occurrence Backup at 17:00 5 recurring
 policy-list Backup
kron policy-list Backup
 cli show run | redirect tftp://
 cli show run | redirect tftp://
TimotiStDatacenter TechnicianCommented:
On the freeware side, rancid is pretty good:

Or you can write a fairly simple script in Expect to upload stuff via tftp and archive that:

set timeout 3

set hostip [lindex $argv 0]
set date [lindex $argv 1]
set tftp [lindex $argv 2]

spawn telnet $hostip
expect_after eof { exit 0 }

## interact with SSH
expect "Username:" { send "USERNAME\r" }
expect "Password:" { send "SUPERSECRET\r" }

set timeout 3

expect "#"
send "copy running-config tftp:\r"
expect "?\r"
send "$tftp\r"
expect "?\r"

set timeout 15

send "$hostip.$date\r"
expect "#"
send "exit\r"

Open in new window

The issue with "sh run" on cisco firewalls is that you only get * when ever you meet a encrypted key so in firewalls use "more system:running-config"
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.