ASA 5505 - Backup and restore to another device of same model and version

How can I backup the configuration of the ASA 5505 on 8.x and restore it to another ASA 5505 with same version? I have tried to save the running config to a file and then copy it to the new device and use the boot config: filename but it doesn't work. Or is there any other way to try? Thanks.

Thanks Andrew, I had tried it but I was having issues with the fact that I kept both ver 7 and ver 8 of the OS images on the flash. So it booted from the first found (ver 7) and creating confusion for me as the config file was for ver 8.
I noticed that it keeps the 192.168.1.1 IP even though in the config file it has another IP assigned. Is there other things that I need to check that do not change apart the IP address?
Thanks.

Similar Messages

  • Dear All, I'm using Cisco ASA 5505 Firewall and I want the email alert from my Firewall if the CPU increase more than 70 %. Is it possible, Please help me. Thanks Vijay

    Dear All,
                         I'm using Cisco ASA 5505 Firewall and I want the email alert from my Firewall if the CPU increase more than 70 %. Is it possible, Please help me.
    Thanks
    Vijay

    Hi Vijay,
    If can be done but you need any network management software. I personally dont think you can ask your ask to send mails. ASA can trigger alert to a SNMP configured server which will intern send mail to you 
    HTH,

  • My camera Canon G3 (i know it's old) no longer connects to iPhoto (8.1.2) on my iMac, I have checked with my friends iMac same model iPhoto version and it works fine using my cable, I would appreciate any help getting this sorted

    My camera Canon G3 (i know it's old) no longer connects to iPhoto (8.1.2) on my iMac, I have checked with my friends iMac same model iPhoto version and it works fine using my cable, I would appreciate any help getting this sorted

    As a Test:
    Hold down the option (or alt) key and launch iPhoto. From the resulting menu select 'Create Library'
    Import a few pics into this new, blank library. Is the Problem repeated there?

  • Can I restore an icloud backup of photos to another device

    I had an iPhone 5 which was associated with one apple ID.  The last backup was the day before I purchased the iPhone 5s.  The new phone is associated with another Apple ID and backs up to the iCloud under the new Apple ID.  Can I retrieve the information from the old iPhone 5 by backing it up to a spare iPhone 4 so I can retrieve photos from it?  Or is there a way to get the photos from the iCloud backup to my Mac?

    Unfortunately, it is not possible to get the photos of your backup directly to your Mac, but it is a good idea to use your old iPhone 4 to retreive your photos from the backup by restoring your iPhone 4.

  • ASA 5505 backup interface

    Hello,
    I have setup ASA 5505 with 2 ISP, named outside (primary)  and backup, the scenario is if outside down, then backup will take over, it works now.
    But it is not working when the primary connection cannot reach the gateway with the interface still up.
    Is it possible when the primary connection cannot reach the gateway then backup automatically take over?
    Thanks before..
    My configuration is:
    ASA Version 8.2(1)
    hostname cisco
    domain-name default_domain
    enable password ********* encrypted
    passwd ********* encrypted
    names
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.1.254 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address 172.10.10.10 255.255.255.0
    interface Vlan3
    no forward interface Vlan2
    nameif backup
    security-level 0
    ip address 172.20.10.10 255.255.255.0
    interface Ethernet0/0
    switchport access vlan 1
    interface Ethernet0/1
    switchport access vlan 2
    interface Ethernet0/2
    switchport access vlan 3
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    ftp mode passive
    dns server-group DefaultDNS
    domain-name default domain
    same-security-traffic permit intra-interface
    pager lines 24
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu backup 1500
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    global (inside) 1 interface
    global (outside) 1 interface
    global (backup) 1 interface
    nat (inside) 1 192.168.1.0 255.255.255.0
    access-group inside_out in interface inside
    access-group outside_in in interface outside
    access-group backup_in in interface backup
    route outside 0.0.0.0 0.0.0.0 172.10.10.1 1
    route backup 0.0.0.0 0.0.0.0 172.20.10.1 254
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    telnet 192.168.1.0 255.255.255.0 inside
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    dhcpd lease 1048575
    dhcpd auto_config outside
    dhcpd address 192.168.1.100-192.168.1.200 inside
    dhcpd dns 8.8.8.8 8.8.4.4 interface inside
    dhcpd enable inside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    class-map inspection_default
    match default-inspection-traffic
    policy-map global_policy
    class inspection_default
      inspect icmp
    service-policy global_policy global
    prompt hostname context
    Cryptochecksum:24af050f332deab3e38eb578f8081d05
    : end

    Hi Amrin,
    you can configure SLA monitoring on ASA and that woudl work fine for you:
    http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml
    Hope that helps.
    Thanks,
    Varun

  • Cisco ASA 5505 IPSEC, one endpoint behind NAT device

    We have two Cisco ASA 5505 devices.
    Both are identical, however, one of them is behind a NAT device.
    We are attempting to create an IPSEC network.
    Site fg:
    <ipsec subnet1> -- ASA 5505 (ASA1) -- <internet>
    ASA1: 10.1.1.2/24 (inside), 212.xxx.xxx.xxx/28 (outside)
    Site be:
    <ipsec_subnet2> -- ASA 5505 (ASA3) -- Zywall USG (USG1) -- <internet>
    ASA3: 10.1.4.1/24 (inside), 192.168.4.50/24 (outside)
    USG1: 192.168.4.100/24 (inside), 195.xxx.xxx.xxx/30 (outside)
    USG1: UDP port 500/4500 forwarded to 192.168.4.50
    It seems that ASA1 stops the procedure (we verified this with debug crypto isakmp 254):
    Group = 195.xxx.xxx.xxx, IP = 195.xxx.xxx.xxx, QM FSM error (P2 struct &0xd1111cd8, mess id 0x81111a78)!
    Group = 195.xxx.xxx.xxx, IP = 195.xxx.xxx.xxx, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 192.168.4.50/255.255.255.255/0/0 local proxy 212.xxx.xxx.xxx/255.255.255.255/0/0 on interface outside
    Group = 195.xxx.xxx.xxx, IP = 195.xxx.xxx.xxx, PHASE 1 COMPLETED
    We verified / attempted the following:
    - NAT excemption on both sides for IPSEC subnets
    - Mirror image crypto maps
    - Disabled IKE peer ID validation (yes, pre-shared key but we ran out of ideas)
    - Toggled between static to dynamic crypto maps on ASA1
    Most search results turned up results referring to the incorrect settings of the crypto map or the lack of NAT excemption.
    Does anyone have any idea?
    195.txt contains show running-config of ASA3
    212.txt contains show running-config of ASA1
    log.txt contains somewhat entire log snipper of ASA1

    Hi,
    on 212 is see
    tunnel-group 195.xxx.xxx.xxx type ipsec-l2l
    tunnel-group 195.xxx.xxx.xxx ipsec-attributes
    pre-shared-key
    When you define the peer with static tunnel-group entry ASA is looking for peer configuration in static crypto map. If the peer is behind static NAT configure a proper static crypto map with matching acl and proposals.
    If the peer is behind dynamic nat refer this example :http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/81883-ipsec-iosrtr-dyn-pix-nat.html
    Regards,
    Abaji.

  • How can I restore a document/file to my iPad from the iCloud backup without restoring the whole device from the iCloud backup?

    My iPad has a number of documents, including pdf, xls, doc, ppt files.  Some are associated with Documents to Go - Premium, which froze on the device attempting to download an update and had to be deleted (which also deleted the files that only were on the iPad and associated witht the app).  How do I restore only that app and/or the related files from the iCloud.  Ans I've found so far were not clear/specific enough or seemed to indicate the entire iPad had to be restored.  iOS 5.1.1

    Step by step
    1. Erase all contents and settings
    2. You'll be asked twice to confirm
    3. You'll see Apple logo and progress bar
    4. You'll see a big iPad logo on screen
    5. Configuration start
    6. Set language
    7. Set country
    8. Enable Location Service
    9. Select network, enter password and join network
    10. You'll be given 3 options (a) Setup as New iPad (b) Restore from iCloud Backup (c) Restore from iTune Backup
    11. Selected Restore from iCloud Backup
    12. You'll be required to enter Apple ID and Password
    13. Agree to Terms and Conditions
    14. Select Backup file
    15. You'll see progress bar
    16. Red slider will appear; slide to unlock; step #1 to #16 is fast
    17. Pre-installed apps will be restored first
    18. Message: Purchased apps and media will now be automatically downloaded
    19. You'll see a pageful of apps with Waiting/Loading/Installing
    20. Message: Some apps cannot be downloaded, please sync with computer

  • ASA 5505 Username and Password

    Hi All,
    I am trying to configure an ASA 5505 with a username and password. I set all the pass words:
    password xxxxxxx
    enable password xxxxxxx
    username xxxxxx password xxxxxxx
    When I reload the device it prompts me for the username, then the password and it fails and just asks for the username again. I have even tried to delete the username/password combo but it still prompts me for it. When I do password recovery the confreg is 0x00000001. I am no ASA expert and this is getting a bit frustrating.
    When I first configured the device and reloaded it, everything worked fine.....once. Upon the second reload it just keeps prompting me.
    Thanks for any help.
    Bill

    Hello Carter,
    Hmm, it sounds like a config-register problem.
    So when you are in rommon you got to set the confreg to be on 0x41 so you can ignore the startup-config.
    Then when you enter to the ASA please do the following:
    enable password cisco
    username password cisco
    config-register 0x01
    wr
    and then finally reload,
    Regards,
    Julio

  • IPhone 4 restored using another device

    iPhone 4 had to be restored to factory settings due to a glitch in ios7 patch. My iPhone wasn't backed up in the iCloud, so I restored to another iPod attached to my computer which had my contacts. How do I re-register my restored iPhone and rename the device on my computer, without losing/overwriting the copied iPod device username and details?

    Welcome to the Apple Community.
    Turn on Photostream in your system preferences > iCloud settings.
    Assuming iPhoto is up to date, turn on photostream in iPhoto preferences.
    Photos in photostream should start to sync with your Mac.

  • ASA 5505 Backup

    Hello i have two ASA5505 .
    On one i have erased disk0 and i can't access it over ASDM...
    I have copied the 2bin files asa-k8.bin and asdm-k8.bin from the working ASA to the ereased still no ASDM...
    My questions are :
    Are the licenses gone?
    What should i do to fix it?
    I have a backup.zip from the working one. Can i import it in the ereased with CLI ?
    Thanks

    Hello,
    Can you share to the community  how you did it ?
    So if someone having the same issue can fix it with this
    For more information about Core and Security Networking follow my website at http://laguiadelnetworking.
    Any question contact me at [email protected]
    Cheers,
    Julio Carvajal Segura

  • How do I pull backup files (pictures) from another device to my new device, and merge multiple backups that are on the same iCloud account?  I have an iphone4 and iphone5 backup.  I want to pull photos from both into my new iPhone5

    Have multiple iPhone backups across 2 iPhones and 3 iPads.  I need to pull backup files and pictures off of backed up devices that are not my current in-use device.   How do I do that?  They are all under one apple ID.

    If you still have the devices, import them to your computer (see http://support.apple.com/kb/HT4083), then sync them to your current device.  If they are only stored in backups, the only way to access them is to restore the device to the entire backup.  Note: you can only restore photos in an iPhone backup to another iPhone, and from an iPad backup to another iPad.  If the backups are on your computer, you may be able to extract the photos from the backup using 3rd party software such as iPhone Backup Extractor.

  • ASA 5505 VPN and Sprint Mobile Broadband clients.

    I have a strange problem, it's something that just started recently when we had a user try to gain access with a Sprint Mobile Broadband card. We have quite a few remote users, probably not more than 6 ever connected to the VPN at once, and I have not heard of any issues until recently. We are starting to require more travel to remote locations, so the use of the hotel internet, as well as Sprint mobile broadband is becoming more important.
    There are a few issues here. Everything is IPsec.
    Mac OSX with VPN client version 4.9.01 will connect to the VPN when connected to a normal internet connection, but as soon as it gets on the Sprint Mobile Broadband device, it connects for exactly 5 seconds and disconnects.
    Windows XP Pro, has no problems with normal internet, on the wireless broadband modem, it will connect to the VPN, but have no access to internal resources or access to the internet.
    Windows Vista, has issues all the way around, but mainly when connected to the wireless it has the same issues as XP minus the internet browsing.
    Strange thing is, all these problems seem to been different, but they all started around the same time. I have been testing everything I can think of. Talked to Sprint, which the lady there was actually very helpful...just have to get to the right person. But nothing we tried did any good.
    Does anyone know of any settings on my ASA that I need to change in order to get these types of connections to work?
    The best part of all this is that my Linux machine can connect/surf/and browse the internal network through the VPN just like it normally would work.
    Something has to be wrong with my client config settings that is causing this to happen.

    Have you enabled NAT Traversal? (Both on the Client and ASA)
    That would be the first thing to check.
    http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#Solution1
    Regards
    Farrukh

  • After insall'g SAP can a backup be restored from another server?

    I have installed SAP onto Server B, and would like to use a backup (third part vendor 'commvault') created by commvault on server A, to restore to Server B.
    The SIDs are the same, and the same CDs were used to install SAP, the ONLY differneces are the IP addresses and the Server names
    Will this work?
    Maria

    Hi Maria,
    If the server names are different then, you cannot restore a backup.
    In this case you have do a system copy.
    Please go through sap help site for more details on system copy.
    Best Regards
    Raghu

  • ASA 5505 Backup Config to TFTP Server

    Is there a way to backup the configuration file to a tftp server? I've tried "copy start tftp" and copy run tftp". No luck, I get an error message. Thanks in advance.

    What kind of error message did you get?
    ciscoasa# write net ?  WORD  IP address of tftp server and file name :. Place IPv6        address within square brackets. 

  • Cisco ASA 5505 - outside can't DHPC as router use same range

    Hi
    Im new to the ASA and is trying to setup at test net. The ASA is connected to my router on port zero using DHPC.
    (Or i guess its not as the router use the same ip range as ASA does inside).
    I tried to set a static IP in the same range (eg. 192.168.1.20) but then get the message "cannot overlap with the subnet of interface inside".
    So I belive that is why it dont get a IP from my router - it does show up in the router DHPC table as 192.168.1.5 but ASDM home says outside "no IP address".
    I tried to change the inside range of the ASA but if I change the inside IP i loose connection.
    (Had to restore factory-default useing the console).
    I guess I could setup another range using the console, but how?
    How can I setup this test net?

    If I need to save I did not. (I have not used the console before).
    Found the: "write memory" and reload command.
    I cant connect to the asa using ADSM-IDM Launcher (from PC connected to the inside lan).
    It seems that the asa DHPC server does not work.
    And: show running-config
    ciscoasa# show running-config
    : Saved
    ASA Version 8.2(5)
    hostname ciscoasa
    enable password 8Ry2YjIyt7RRXU24 encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.2.1 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    no ip address
    ftp mode passive
    pager lines 24
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    dhcp-client client-id interface outside
    dhcpd auto_config outside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny 
      inspect sunrpc
      inspect xdmcp
      inspect sip 
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:5085ad55b43198c7490b2edfee450906
    : end

Maybe you are looking for

  • Unable to debug user exit in CRM BW  (EXIT_SAPLRSAP)

    Hi Gurus, Please help me to debug user exit in CRM BW. I am using below enhancement RSAP0001 (Customer function calls in the service API) "EXIT_SAPLRSAP_003" Datasource is ZSTAONESYS0_TEXT The extract structure I have modified is "CRM_BIW_ST_T" =====

  • How to remove credit card information from iPhone 6

    I can't download Netflix with icloud it says a problem with my credit card payment but I'm not buying anything and I want it removed!!! HOW ?!?!

  • Partitioning of Data

    Hi, I need help regarding Partitioning of data. 1. What is Partitioning? 2. How it is going to help in handling the data? 3. What is Physical and Logical Partitioning? 4. If we do Partitioning, we will view the data in different Stages? If so how can

  • CRM  Utility Contract -Structured  document

    We are going to use structured utility contract docuemt for multisite customers. Can anyone help how the assignements with multiple premises work and what should be best practice to create sub level items(isu contracts) in the strucutred utility cont

  • How do you contact Adobe PS Elements Support?

    Does anyone know how to contact Elements support besides Forum?