Thwack » SolarWinds » Product Reviews by SolarWinds Customers » F5 FP1000 config backups in Cirrus

in More Search Options

F5 FP1000 config backups in Cirrus

Last post 08-05-2008 5:56 PM by chris.lapoint. 3 replies.
Page 1 of 1 (4 items)
Sort Posts:

  • 08-05-2008 3:02 PM

    • tbaggins
    • Top 200 Contributor
      •
    • Joined on 06-08-2007
    • Birmingham, AL
    • Posts 40
    • Points 116

    F5 FP1000 config backups in Cirrus

    Reply

     I have found a procedure for backing up and restoring configs in the Firepass 1000 SSL VPN equipment.  I was wondering.....If I run a serial cable to my Cirrus Config manager host....can I pull the config over the serial line instead of by IP?

     

    SOL3244: Backing up and restoring FirePass system software

    Updated: 7/17/07 12:00 AM



    Beginning in FirePass version 5.0, you can use the snapshot feature to create an image of the current system software and configuration. You can use this snapshot image, stored on the FirePass hard disk, to restore the system to a previous version or configuration.

    Note: The snapshot feature is available only on FirePass systems that are shipped with version 5.0 or later. You cannot use the snapshot feature on FirePass systems that you have upgraded from versions 3.x or 4.x. If you attempt to use the snapshot feature on a system that was not shipped with version 5.0 or later, you will receive the following error message:

    This functionality is not supported on this FirePass.

    Creating a snapshot

    To create a snapshot, perform the following steps:

    1. Connect a serial terminal to the FirePass controller, using a null-modem cable.

      Note: Refer to the FirePass Getting Started Guide for serial port settings for your hardware platform.

    2. Start a serial terminal session.

      A login prompt appears.

    3. Log in with the username maintenance.

      Note: A password is not required, by default.

      A screen of conditions of use appears.

    4. Press the Enter key or type y to agree to the conditions.

      A screen of options appears.

    5. Select the Create/restore FirePass snapshot option, and press the Enter key.
    6. When prompted to restart the FirePass controller in recovery mode, press the Enter key or type y to restart.

      The system will reboot.

      After reboot, you should see the following banner on the serial terminal:

      Welcome to the FirePass Snapshot Create/Restore Utility.
      Please login as 'maintenance'.
      firepass login:

    7. Log in with the username maintenance.

      A screen of options appears.

    8. Select the Create FirePass snapshot option and press the Enter key.

      A status screen is displayed while the snapshot is created.

    9. When the snapshot creation is complete, select the Exit and Reboot FirePass in normal mode option and press the Enter key.

      FirePass will reboot into normal operating (non-maintenance) mode.

    Restoring a snapshot

    To restore a snapshot, perform the following steps:

    1. Connect a serial terminal to the FirePass controller.

      Note: Refer to the FirePass Getting Started Guide for serial port settings for your hardware platform.

    2. Start a serial terminal session.

      A login prompt appears.

    3. Log in with the username maintenance.

      Note: A password is not required, by default.

      A screen of conditions of use appears.

    4. Press the Enter key or the y key to agree to the conditions, or the n key if you do not agree to the conditions.

      A screen of conditions appears.

    5. Select the Create/restore FirePass snapshot option, and press the Enter key.

      Note: In FirePass version 6.0 and later, a confirmation screen will appear.

    6. When prompted to restart the FirePass controller in recovery mode, type the Enter key or type y to restart

      The system will reboot. After reboot, you should see the following banner on the serial terminal:

      Welcome to the FirePass Snapshot Create/Restore Utility.
      Please login as 'maintenance'.
      firepass login:

    7. Log in with the username maintenance.

      A screen of options appears.

    8. Press the Enter key or the y key to agree to the conditions.

      A screen of options appears.

    9. Select one of the following options:
      • Revert FirePass to last working configuration snapshot

        This option restores FirePass using the last snapshot you created.

      • Revert FirePass to factory default snapshot

        This option restores FirePass using a snapshot of the base operating system at the time the unit was shipped. This snapshot does not contain your configuration.

      A status screen is displayed while the snapshot is restored.

    10. When the snapshot restoration is complete, select the Exit and Reboot FirePass in normal mode option.

      FirePass will reboot into normal operating (non-maintenance) mode.

     
    Filed under:
    • Post Points: 3

  • 08-05-2008 3:14 PM In reply to

    Re: F5 FP1000 config backups in Cirrus

    Reply

    This would require communication with the device via the serial port.  Currently, we support SSH, Telnet, TFTP, and SNMP/TFTP (for Cisco devices).

    Chris LaPoint
    Sr. Product Manager
    NCM (Cirrus), ipMonitor, LANsurveyor
    SolarWinds
    Austin, TX
    • Post Points: 3

  • 08-05-2008 3:31 PM In reply to

    • tbaggins
    • Top 200 Contributor
      •
    • Joined on 06-08-2007
    • Birmingham, AL
    • Posts 40
    • Points 116

    Re: F5 FP1000 config backups in Cirrus

    Reply

    Hmmm,  Is there some device I can attach a serial connection to that will then use Telnet to communicate back to Cirrus?  Say a 4 port serial box with IP connectivity using Telnet or SSH?
    Filed under:
    • Post Points: 3

  • 08-05-2008 5:56 PM In reply to

    Re: F5 FP1000 config backups in Cirrus

    Reply

    Yes, that should work.  Here are the instructions: 

    Adding Nodes Connected through a Serial Terminal Server
    When adding devices connected through a serial terminal server, you need to specify certain information that is specific to the terminal server device and other information that is specific to the device attached to the terminal server to which you want to connect. Complete the following procedure, paying close attention to the credential sections.
     
    To add a device connected through a serial terminal server:
    1. Click Nodes > Add New Node.
    2. Type the IP address of the node assigned through the terminal server. For example, the Cisco terminal server device used in the SolarWinds lab, a Cisco 2500 Access Server, uses ports appended to the end of the loopback IP address to specify different devices. In this case, type 10.10.29.1 2001. Some devices allow you to specify unique IP addresses, in which case, specify the assigned IP address in this field.
    3. Ignore the community string information, as it does not apply when connecting through a terminal server device.
    4. Select the device template for the connected device, not for the terminal server device.
    5. If you want to add the node to a group, type or select a node group from the list. If you do not select a group, your new node is grouped in the Unknown group.
    6. Specify the login credentials, enable level, and enable password for the target device. Again, do not specify the password for the terminal server device.
    7. Select Yes in the Terminal Server Support field.
    8. Click OK. When the Add Device dialog states that the IP address does not respond to SNMP queries, click Yes.
    Chris LaPoint
    Sr. Product Manager
    NCM (Cirrus), ipMonitor, LANsurveyor
    SolarWinds
    Austin, TX
    • Post Points: 1
Page 1 of 1 (4 items)