Solved

backing up cisco configs

Posted on 2014-12-22
6
144 Views
Last Modified: 2014-12-27
hey guys,

we have cisco switches and firewalls at various locations. What can i use to automate to backup configs of all from one central location?
0
Comment
Question by:Cobra25
6 Comments
 
LVL 11

Expert Comment

by:rharland2009
Comment Utility
I've used Solarwinds' Network Configuration Manager for some time on both Cisco and non-Cisco routers/switches/firewalls with good success. It's not free, but it does a great job, provides reporting, and also can automate firmware updates and other useful things.

http://www.solarwinds.com/network-configuration-manager.aspx

You can download a free, fully-functional 30-day trial and try it on for size.
0
 
LVL 4

Author Comment

by:Cobra25
Comment Utility
That looks great, but 2700$ is very steep! I should've specified cost effective :)
0
 
LVL 11

Accepted Solution

by:
rharland2009 earned 500 total points
Comment Utility
Okay, fair enough.
Here's a similar product - also owned by Solarwinds - that one of my colleagues has used for many years to automate all backups. It works like a charm and starts at $750 USD.

http://www.solarwinds.com/kiwi-cattools.aspx
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 4

Expert Comment

by:askincakir
Comment Utility
Hi,
You can use free solution. Cisco devices support kron tab configurations.
Install a free TFTP server and in all your network devices configure below configuration:

conf t

kron occurrence Backup at 17:00 5 recurring
 policy-list Backup
!
kron policy-list Backup
 cli show run | redirect tftp://10.0.2.1/R-1.cfg
 cli show run | redirect tftp://10.0.3.1/Switch-1.cfg
!
end
0
 
LVL 17

Expert Comment

by:TimotiSt
Comment Utility
On the freeware side, rancid is pretty good:
http://www.shrubbery.net/rancid/

Or you can write a fairly simple script in Expect to upload stuff via tftp and archive that:
#!/usr/bin/expect

set timeout 3

set hostip [lindex $argv 0]
set date [lindex $argv 1]
set tftp [lindex $argv 2]

spawn telnet $hostip
expect_after eof { exit 0 }


## interact with SSH
expect "Username:" { send "USERNAME\r" }
expect "Password:" { send "SUPERSECRET\r" }

set timeout 3

expect "#"
send "copy running-config tftp:\r"
expect "?\r"
send "$tftp\r"
expect "?\r"

set timeout 15

send "$hostip.$date\r"
expect "#"
send "exit\r"

Open in new window


Tamas
0
 
LVL 9

Expert Comment

by:Donboo
Comment Utility
The issue with "sh run" on cisco firewalls is that you only get * when ever you meet a encrypted key so in firewalls use "more system:running-config"
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now