backing up cisco configs

Posted on 2014-12-22
Last Modified: 2014-12-27
hey guys,

we have cisco switches and firewalls at various locations. What can i use to automate to backup configs of all from one central location?
Question by:Cobra25
LVL 11

Expert Comment

ID: 40513845
I've used Solarwinds' Network Configuration Manager for some time on both Cisco and non-Cisco routers/switches/firewalls with good success. It's not free, but it does a great job, provides reporting, and also can automate firmware updates and other useful things.

You can download a free, fully-functional 30-day trial and try it on for size.

Author Comment

ID: 40513987
That looks great, but 2700$ is very steep! I should've specified cost effective :)
LVL 11

Accepted Solution

rharland2009 earned 500 total points
ID: 40513993
Okay, fair enough.
Here's a similar product - also owned by Solarwinds - that one of my colleagues has used for many years to automate all backups. It works like a charm and starts at $750 USD.
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.


Expert Comment

ID: 40514482
You can use free solution. Cisco devices support kron tab configurations.
Install a free TFTP server and in all your network devices configure below configuration:

conf t

kron occurrence Backup at 17:00 5 recurring
 policy-list Backup
kron policy-list Backup
 cli show run | redirect tftp://
 cli show run | redirect tftp://
LVL 17

Expert Comment

ID: 40514818
On the freeware side, rancid is pretty good:

Or you can write a fairly simple script in Expect to upload stuff via tftp and archive that:

set timeout 3

set hostip [lindex $argv 0]
set date [lindex $argv 1]
set tftp [lindex $argv 2]

spawn telnet $hostip
expect_after eof { exit 0 }

## interact with SSH
expect "Username:" { send "USERNAME\r" }
expect "Password:" { send "SUPERSECRET\r" }

set timeout 3

expect "#"
send "copy running-config tftp:\r"
expect "?\r"
send "$tftp\r"
expect "?\r"

set timeout 15

send "$hostip.$date\r"
expect "#"
send "exit\r"

Open in new window


Expert Comment

ID: 40515964
The issue with "sh run" on cisco firewalls is that you only get * when ever you meet a encrypted key so in firewalls use "more system:running-config"

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question