Ironport C170 Config file restore

Similar Messages

• Reload config file bug  to be mindful of self assigned IP address

  I did a an export of the config of my 4 routers, then reset them all to factory defaults, then reloaded all the config files.
  All the outlying routers were non connectable and had yellow flashing lights. I connected to each manually with an ethernet cable and laptop and found that each had a self assigned IP address.
  I went back to the main router and found that the check mark to allow the network to be extended did not re-check during the config file restore. Once I manually checked the box, all the routers automatically came on line.

  Hi mpedruski, and a warm welcome to the forums!
  The "self-assigned IP address" simply means that it is not getting a reply from anything like a Router handing out DHCP IPs.
  The Interface that connects to the Internet, needs to be drug to the top of Network>Show:>Network Port Configurations and checked ON.
  Might pay to make a New Location for each...
  Sometimes having an all OFF Location can help, thanks to Gnarlodious...
  http://gnarlodious.com/Computer/MacOsx/WiFi
  Using network locations in Mac OS X ...
  http://docs.info.apple.com/article.html?artnum=106653
  Let us know where we stand after this.

• Transfer old config files from old C150 to New C170

  I exported the complete configuration from the old C150  and emailed it to myself without masked passwords.  I copied the file to my machine and logged into the new C170. System Administration --> Configuration File
  Selected Load Configuration file from local computer.  I browsed to the file and seleted it and hit "load"
  It failed on so many lines that just seemed incompatible with the new XML structure I just gave up.  I ended up doing it manually but would like to know if it is possible to accomplish the original task of importing that old config file?

  The dievices have different port settings and there are some large differences in the code.  You cannot transfer the entire config file but you can do it in sections.  Such as export your HAT config and import that to the C170. 
  How I did it was hook a laptop directly to the new C170 on the management port and opened a wireless connection via browser to the live C150 and manually set all of my network configurations individually.

• Backup and restore quarantines cisco ironport c170

  Hello,
  Is there anyway to backup and restore the spams quarantine to another ironport c170?
  Thanks in advance.
  Alexandre

  You have the wrong forum... Try posting it on this forum:
  https://supportforums.cisco.com/community/netpro/security/ironport

• Backup and restore logs, quarantines cisco ironport c170

  Hello,
  Is there anyway to backup and restore logs and quarantine to another ironport c170?
  Thanks in advance.
  Alexandre

  Hello Alexandre,
  logs can easily be downloaded via FTP or SCP, there is a folder per logs subscription, i.e.
  /mail_logs
  /system_logs
  /error_logs
  Each folder contains multiple logs, thos e are with extention .s are the ones that have rolled over, while .c and .current are the ones currently written to. I would not recommend to upload them to another appliance, as this may cause problems or at least confusion. Quarantines cannot be backed up, that functionality is limited to SMAs (M-series).
  Hope that helps,
  Andreas

• Newbie Help with Restoring SPA504G config file

  I know just enough to be dangerous, but not enough to be completely effective.  Any help is much appreciated.
  I have a standalone SPA504G for which I have customized the configuration.  Frequently, several times a day, the phone resets and returns to the default configuration, erasing all my efforts.  As a result, I have two intertwined problems: 
  1 -- is there a way to prevent the resets?  I am tethered to RingCentral for my VOIP service, if that is relevant.
  2 -- if I cannot prevent the resets, how do I restore my configuration?  I have reviewed this helpful post and have downloaded the spacfg.xml file.  I have also installed Solarwinds TFTP Server for use in restoring the config file.  My problem is that I am completely unfamiliar with TFTP and have been unable to locate instructions as to how to upload, download and restore the spacfg.xml file.  Step-by-step "TFTP for Dummies" instructions would be greatly appreciated.
  Thanks for your help.
  Merk

  item 1,
  is your phone provisioned?  if Ring Central is provisioning it, they may be overwriting your changes.
  you can check by going into the provisioning tab on the phone web gui.
  click admin login --> advanced --> voice  -->provisioning
  look for profile rule. if it has anything but SPA$psn.cfg  it is probably provisioned.  (especially if it says something like http://provisioning.ringcentral.com  )
  the profile rule will download a new config file from the server every "resynch periodic" time (3600 sec by default), then if it is different from the current config it will implement and reboot.
  So to prevent this, remove the profile rule or set resynch periodic to 0.
  or have ringcentral put your changes into the provisioning file. 
  Most providers have a web 'dashboard' to make changes to the phones they manage.
  2 - to reload a config using tftp
  set up your tftp, put the file in the tftp root, and set the windows firewall to allow incoming connections to the app (solarwinds, tftpd32, etc), or port 69 UDP
  then in the gui of the phone use the resync url to load the config to the phone.
  http://ip.of.phone/admin/resync?tftp:////
  Note, if your config is in the tftproot, you should not need the /  part.
  hope it helps,
  dlm...

• Hello disappeared from my version 37.01. Not in customize or config file, Nowhere, Need to restore.

  Hello,
  I was doing other work in my browser, clicked on something in my toolbar and "Hello" button disappeared. So did "Forget me" a short while later. While I've been able to find the forgetme button and put it back, the "Hello" button is no longer anywhere to be found. Not in my "customize" tab, not to be found in the config file under "loop.throttled" which doesn't exist in my config file. Where is the button? Can you tell me how to find it? I've looked for an "update firefox" button to hopefully update with it back but have not been able to manually update--I can't find the link. Thanks for any help!

  Do you mean loop.enabled ? You can double-check that as follows:
  (1) In a new tab, type or paste '''about:config''' in the address bar and press Enter. Click the button promising to be careful.
  (2) In the search box above the list, type or paste '''loop''' and pause while the list is filtered
  (3) If the '''loop.enabled''' preference is bolded and "user set" to false, double-click it to restore the default value of true
  If you change this, it might not have any effect in the current windows. You can launch a new window (Command+n) to see whether Hello returns to the toolbar.
  If Hello is enabled and the icon is still not to be found anywhere, you can reset your toolbar to its default icons. In Customize mode, look for the Restore Default button at the bottom, just right of center.
  Any luck?

• Restore config file on VCS version X7.2

  Hi there,
  for HW swap, how can I save the VCS config and restore it into an other VCS?
  Thanks
  Markus

  Hi,
  I think that you can do a Backup file and Restore this Backup in another VCS.
  Maybe, note that you need a new Licenses and Option Keys and solve the warnings which will appear after restore.
  I done  without any issue.

• Move config file from c160 to c170

  I am doing an RMA to our unit
  the old unit is c160
  the new is c170           
  The old appliance was OS 7.6.1-022
  The new appliance is OS 7.5.2-101
  I want to move the config file from the old one to the new one,
  however I am getting "Error   —       No available upgrades  " on the new appliance,
  Any advice?

  Call TAC and get your new device provisioned for 7.6.1...

• Proper TLS Config for IronPort C170

  I inherited an infrastructure a little bit ago that uses an IronPort C170 cluster for email security. I have been tasked with configuring TLS connections with our new medical benefits provider and have some issues doing so. We have 3 MX records, let's call them mail1, mail2 and mail3. Mail1 and mail2 are configured normally on our firewall to pass SMTP traffic on port 25 to the MailListener port on the IronPort which is 25. Mail3, however, is configured on the firewall to translate SMTP traffic on port 25 to port 3600 which is sent to the TLS Listener port 3600 on the IronPort. The IronPort MailInterfaces are configured as such (25,3600) Reverse configuration on the firewall takes any port 3600 traffic from the IronPort and translates it to port 25 traffic for the rest of the world.
  I configured the IronPort with a new Sender Group named TLS_ACCEPT,  added all the medical provider domain names/IPs to it and assigned it to  the ACCEPTED Mail Flow Policy where TLS is set to Required. Likewise,  for outgoing, I specified the same domain names/IPs within the  Destination Controls to require TLS for sending purposes.
  I replaced the guy who originally configured this so I am not too sure how it is setup on the other end for TLS connections already established. We do have a few in place that are active. I am assuming that the other end is configured to send email only to the mail3 MX record. This configuration, however, is not possible with our medical provider so I need an alternative. They have verified that they cannot contact us on mail1 or mail2 via TLS but can with mail3.
  The obvious problem is if a sender from these new domains tries to send TLS_required emails to us over the mail1 and mail2 MX IPs, they will receive an NDR. If I configure the firewall to translate mail1 and mail2 incoming connections from port 25 to 3600, any email sent with TLS not prefered/required will get an NDR. This was actually tested and domains like Yahoo and Hotmail could not send to us.
  Are there any options for me on the IronPort to allow these connections to be sent from all our MX IPs without having to translate the ports? If not, what would happen if I changed the TLS Listener port on the IronPort to 25 instead of 3600 and disabled all the NAT rules on the firewall for mail3? I am only to assume this translation was another security step added by the previous admin here but am not too sure what would happen if I eliminated it.
  Any advice, help, questions, assistance or fun-poking would be greatly appreciated!! Thank you in advance!

  Kevin,
  OMG there's so much unneeded complication here...You can totally ditch the port translation
  Here's what I did:
  Under Network/IP interfaces, I have 3 interfaces:  managment, Public, Private.
       Public is exposed to the net, only port 25 allowed in/out, with 1 A  record for a Domain1 which I have a certificate for.
  Under Network/Listener I have 2 Listeners: 
       Outbound on the Private interface not really relavent for the rest of this discussion
       Inbound on the Public interface
            listening on port 25
            using an Accept query pointed at my Active Directory (all the various email domains in 1 AD)
            using a cert that matches the hostname on the Public interface
            Mail flow polices in HAT all set to TLS preferred with an address list configed for the "required" ones
  Mail Policies/Destination Controls to force sending as TLS
  In my external DNS
       Domain1
            A  mail.domain1.com  x.x.x.
            mx domain1.com  mail.domain1.com pref 10 weight 10 TTL 86400
       Domain2-10
            mx domain2.com mail.domain1.com
            mx domain3.com mail.domain1.com
       etc....
  Hope that helps...
  Ken    

• Change config file properties programatically

  hi, all i have created one config file and from that file i am readindg data. Now when i click on this file it shows that this file is in read only format. Now in this same config file i want to write the data but when i try to write data by using write key function it gives me some error just like please check the permission of the file.
  For this config file i canot change its permission to archive permenantly. So Is there any way to change the file permission programatically from read only archieve and again from archieve to read only.

  You can change the file permissions programmatically using LabVIEW.  This allows you to temporarily change the permission and modify the file before restoring the permissions to their original settings.
  The Set Permission is found within the Advanced File Functions of the File I/O section of the Functions Palette.
  The information below is from the Context Help.
  R
  Message Edited by JoeLabView on 09-16-2008 08:07 AM
  Attachments:
  filePermission.PNG ‏33 KB

• Missing palette - Config Files

  The Config Files are missing from the subpalette in LV 2014-64 bit for Mac OS.  I am not sure whether they were ever there. The files are in the expected locations. The palette is OK in the 32-bit version.
  I have installed a bunch of stuff with VIPM and this may have contributed to the problem.
  What I have tried:
  Edit Palette Set... Restore to Default and Insert VIs.
  Re-install LV.
  Delete the config.mnu file.
  Edit Palette Set... Delete icon. Insert subpalette. ... This gets me a config subpalette which contains every file in config.llb, not just the subset in the original subpalette.
  So I am now to the point where I can work again but I would still like to get back to the default palette.  Any suggestions?
  Thanks,
  Lynn

  Try copying the mnu file from your 32-bit install (since that one works).
  There are only two ways to tell somebody thanks: Kudos and Marked Solutions
  Unofficial Forum Rules and Guidelines

• Backups of the JVM.CONFIG file are not created

  Backups of the JVM.CONFIG file are not created.
  CF10 > Server Settings > Java and JVM   in part says:
  Backups of the jvm.config file are created when you hit the submit button. You can use this backup to restore from a critical change.
  CF10 Help page indicates jvm.bak will be created:
  http://help.adobe.com/en_US/ColdFusion/10.0/Admin/WSc3ff6d0ea77859461172e0811cbf3638e6-7ff c.html#WSc3ff6d0ea77859461172e0811cbf3638e6-7feb
  Note Help indicates incorrectly JVM.CONFIG and BAK are in cf_root\runtime\bin where as JVM.CONFIG is located cf_root\instance\bin .
  Thanks in advance, Carl.

  I must have not had enough coffee - JVM.BAK is created in where JVM.CONFIG is found. Pardon me.

• [SOLVED] Resetting config files from a package

  Suppose I modify a file called /etc/examplefile.conf from a package example-package.
  What is the easiest / most elegant way to reset this file? Reset = restore the file to its original, removing my modifications.
  This[1] topic discusses this, but it is two years old. I would say the "best" solution there was the one suggested in #7:
  you could move the config file first then reinstall.
  But I'm not sure if this is safe. For a dummy example, removing /etc/pacman.conf then reinstalling pacman wouldn't probably be a good idea (I suspect this wouldn't work).
  OBS.: Getting the original file from the package from the cache is an obvious solution, but I'm searching for a simpler (more direct) way to do this (a bash/zsh one-liner would be sufficient, for example).
  [1]: https://bbs.archlinux.org/viewtopic.php?id=137526
  Last edited by thiagowfx (2014-04-26 21:49:20)

  FYI, pkg_scripts are available both in the AUR https://aur.archlinux.org/packages/pkg_scripts/ and in Xyne's repo: https://wiki.archlinux.org/index.php/Un … #xyne-i686 or https://wiki.archlinux.org/index.php/Un … #xyne-i686

• Basic questions about config backup/restore

  I've searched around with limited success. I've just inherited the Ironport devices in our enviornment and need to perform an OS upgrade of our cluster. Prior to doing so, I want to backup each members config file. (also, I want to do this before doing any config changes)
  If I back up each member's config to the device, how I can access/edit these config files so I can replaced the masked password fields with the actual passwords?
  I'm aware of the unmasked/hashed password version of the file, but we'd like to avoid that if we can.

  The config file itself is just a text/xml file and most good text editors (vi/textpad) will handle it easily.
  Even when passwords are not masked, they are always encrypted. The only way to manually insert a password would be to encrypt it and put the result back in the config file.
  As long as you are choosing strong passwords (hint) it is not at all an easy task to force decrypt the hashed password string. Even if you are completely paranoid, just store the config file somewhere in an encrypted format.
  Bottom line: don't mess up your "backup" by manipulating it in a way that could render it useless just when you most need it. Manual editing of config files is tricky and AFAIK not officially supported in any way.