Guest

TCP and UDP Stateful Protocols

ACS Backup with an FTP Repository Configuration Example

Document ID: 116282

Updated: Mar 17, 2014

Contributed by Minakshi Kumar, Cisco TAC Engineer.

   Print

Introduction

This document describes the process used in order to create a File Transfer Protocol (FTP) repository and enable scheduled backups with the Cisco Secure Access Control Server (ACS) CLI and GUI.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on Cisco Secure ACS Version 5.x.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Configure

Create an FTP Repository with the ACS CLI

Enter these commands on the CLI with the information for your FTP server.

acs/admin(config)# repository myrepository
acs/admin(config-Repository)#url ftp://101.10.10.1/
acs/admin(config-Repository) #username anonymous password plain anonymous
acs/admin(config-Reposotory) #exit

Create an ACS Backup with the CLI

Application and Application Deployment Engine (ADE) Operating System (OS) Backup

Enter this command on the CLI. This command includes the ADE OS configuration.

acs/admin#acs backup backup-name repository myrepository

ACS backup files include:

  • Database - Database files include data related to ACS.
  • Database password file - dbcred.cal, located at /opt/CSCOacs/conf.
  • Certificate store - Located at /opt/CSCOacs/conf.
  • Viewer database - If the ACS node you back up has the Viewer enabled.

Enter the show backup history command in order to display the backup operations and determine whether they succeeded.

Application Only Backup

Enter this command:

acs/admin#acs backup backup-name repository myrepository

Configure an FTP Repository with the GUI

Navigate to System Administration > Operations > Software Repositories and enter the information that pertains to your FTP server in a new repository or edit a current one.

Schedule Backups with the GUI

Backups can be scheduled to run at pre-defined intervals. Schedule backups from the primary web interface or through the local CLI. The Scheduled Backups feature backs up ACS configuration data.

Navigate to System Administration > Operations > Scheduled Backups, click Create, and enter this information:

  • Backup Data - Filename created by the backup includes a time stamp and file type information appended to the prefix entered.
  • Filename Prefix - Enter the name for the ACS backup.
  • Repository - Click Select to open, and a new dialog box opens where you can store the backup.
  • Time of Day - Choose the appropriate time.

In the example below, the filename is acsbackup and the repository name is myrepository.

 

After you click Submit, check the FTP server in order to verify that the ACS backup was created and transferred successfully. 

Verify

Use this section in order to confirm that your configuration works properly.

Preview the /opt/CSCOacs/logs/acsbackup_instance.log file for information about the last backup operation.

The Output Interpreter Tool (registered customers only) supports certain show commands. Use the Output Interpreter Tool in order to view an analysis of show command output.

  • show backup history - Displays the status of the backup operations.

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Updated: Mar 17, 2014
Document ID: 116282