Cisco Virtual Network Management Center GUI Configuration Guide, Release 1.0.1
Configuring Backups

Configuring Backups

This chapter includes the following sections:

Restoring the Cisco VNMC Software to the Backup Configuration

Restoring the Cisco VNMC Software to the Backup Configuration

Procedure
    Step 1   Install the Cisco VNMC virtual machine (VM).

    For details, see the Cisco Virtual Security Gateway, Release 4.2(1)VSG1(1) and Cisco Virtual Network Management Center, Release 1.0.1 Installation Guide.

    Step 2   Uninstall the Cisco VSG policy agents.

    Connect the Secure Shell to the Cisco VSG console for this task. This step does not cause a traffic disruption.



    Example:
    vsg# conf t
    vsg (config)# vnm-policy-agent
    vsg (config-vnm-policy-agent)# no policy-agent-image
    Note    Perform this step for all Cisco VSGs that are associated with the Cisco VNMC that you are restoring.
    Step 3   Uninstall the VSM policy agents.

    Connect the Secure Shell to the VSM console for this task. This step does not cause a traffic disruption.



    Example:
    vsm# conf t
    vsm (config)# vnm-policy-agent
    vsm (config-vnm-policy-agent)# no policy-agent-image
    Note    Perform this step for all VSMs that are associated with the Cisco VNMC you are restoring.
    Step 4   Restore the Cisco VNMC database.

    Connect the Secure Shell to the Cisco VNMC CLI for this task. Depending upon your Cisco VNMC backup location, restore using File Transfer Protocol (FTP), Secure Copy (SCP), Trivial File Transfer Protocol (TFTP), or Secure File Transfer Protocol (SFTP).



    Example:
    vnmc# connect local-mgmt
    vnmc(local-mgmt)# restore scp:[//[username@]server][/path]
    Step 5   In the Cisco VNMC GUI, click Administration > Service Registry > Clients, and in the Work pane do the following:
    1. Wait until each registered VSM displays the operational status as lost-visibility.
    2. Choose each VSM, and click the Delete Client icon.
    Step 6   In the Cisco VNMC GUI, click Resource Management > Resources > Virtual Supervisor Modules, and verify that the deleted VSMs are not visible.
    Step 7   Reinstall the VSM policy agents.
    Note    If the VSM policy agents must be upgraded, install the new software now.


    Example:
    VSM# conf t
    VSM (config)# vnm-policy-agent
    VSM (config-vnm-policy-agent)# policy-agent-image bootflash:vnmc-vsmpa.1.0.1g.bin
    Step 8   Wait until all the VSMs have registered in the Service Registry and are displayed under Resource Management > Resources > Virtual Supervisor Modules.
    Step 9   Reinstall the Cisco VSG policy agents.
    Note   

    If the Cisco VSG policy agents must be upgraded, install the new software now.



    Example:
    VSG# conf t
    VSG (config)# vnm-policy-agent
    VSG (config-vnm-policy-agent)# policy-agent-image bootflash:vnmc-vsgpa.1.0.1g.bin
    Step 10   Verify the following states after the restore process is complete:
    Note   

    The restore process could take a few minutes depending upon your setup environment.

    1. On the Cisco VSG CLI, verify that your configurations are restored to their earlier state.
    2. On the Cisco VNMC GUI, verify that your objects and policies are restored to their earlier state.

    Configuring Backup Operations

    Creating a Backup Operation

    Before You Begin

    Obtain the backup server IP address and authentication credentials.

    Procedure
      Step 1   In the Navigation pane, click the Administration tab.
      Step 2   In the Navigation pane, click the Operations subtab.
      Step 3   In the Navigation pane, click the Backups node.
      Step 4   In the Work pane, click the Create Backup Operation link.
      Step 5   In the Create Backup Operation dialog box, complete the following fields:
      Name Description

      Admin State radio button

      This can be:
      • enabledCisco VNMC runs the backup operation as soon as you click OK.
      • disabledCisco VNMC does not run the backup operation when you click OK. If you select this option, all fields in the dialog box remain visible.

      Type field

      The information saved in the backup configuration file.

      Full state—A copy of the database file. You can use this file for disaster recovery if you need to recreate every configuration on the Cisco VNMC.

      Protocol radio button

      The protocol to use when communicating with the remote server. This can be:
      • FTP
      • SCP
      • SFTP
      • TFTP

      Hostname field

      The hostname or IP address of the location where the backup file is stored.

      Note   

      If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.

      The hostname cannot be changed when editing the operation.

      User field

      The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.

      Password field

      The password for the remote server username. This field does not apply if the protocol is TFTP.

      Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.

      Remote File field

      The full path to the backup configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.

      Step 6   Click OK.

      Running a Backup Operation

      Procedure
        Step 1   In the Navigation pane, click the Administration tab.
        Step 2   In the Navigation pane, click the Operations subtab.
        Step 3   In the Navigation pane, click and expand the Backups node.
        Step 4   In the Navigation pane, click the file you want to run.
        Step 5   In the Work pane, click on the Properties tab.
        Step 6   In the Properties area, complete the following fields:
        1. In the Admin State field, click the enabled button.
        2. For all the protocols, except TFTP, enter the password for the username in the Password field.
        3. (Optional) Change the content of the other available fields.
        Step 7   Click Save.

        Cisco VNMC takes a snapshot of the configuration type that you selected and exports the file to the network location.

        Step 8   (Optional) To view the progress of the backup operation, click the FSM tab in the pane. The backup operation continues to run until it is completed.

        Editing a Backup Operation

        Before You Begin

        Obtain the backup server IP address and authentication credentials.

        Procedure
          Step 1   In the Navigation pane, click the Administration tab.
          Step 2   In the Navigation pane, click the Operations subtab.
          Step 3   In the Navigation pane, click the Backups node.
          Step 4   In the Work pane, expand the items in the table, and select the backup operation you want to edit.
          Step 5   Click the Edit link.
          Step 6   In the Edit dialog box, modify the fields as appropriate:
          Name Description

          Admin State radio button

          This can be:
          • enabledCisco VNMC runs the backup operation as soon as you click OK.
          • disabledCisco VNMC does not run the backup operation when you click OK. If you select this option, all fields in the dialog box remain visible.

          Type field

          The information saved in the backup configuration file.

          Full state—A copy of the database file. You can use this file for disaster recovery if you need to recreate every configuration on the Cisco VNMC.

          Protocol radio button

          The protocol to use when communicating with the remote server. This can be:
          • FTP
          • SCP
          • SFTP
          • TFTP

          Hostname field

          The hostname or IP address of the location where the backup file is stored.

          Note   

          If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.

          The hostname cannot be changed when editing the operation.

          User field

          The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.

          Password field

          The password for the remote server username. This field does not apply if the protocol is TFTP.

          Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.

          Remote File field

          The full path to the backup configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.

          Step 7   Click OK.

          Deleting a Backup Operation

          Procedure
            Step 1   In the Navigation pane, click the Administration tab.
            Step 2   In the Navigation pane, click the Operations subtab.
            Step 3   In the Navigation pane, click the Backups node.
            Step 4   In the Work pane, expand the items in the table, and select the backup operation you want to delete.
            Step 5   Click the Delete link.
            Step 6   In the Confirm dialog box, click OK.

            Configuring Import Operations

            Creating an Import Operation

            Before You Begin

            Obtain the backup server IP address and authentication credentials.

            Important:

            The association of compute firewalls with VSGs are not included in the export or import data. Only the compute firewall definitions are included, such as device profiles and policies. Therefore, if an imported compute firewall did not exist in the system, it will not be associated to any VSG after the import operation. If an imported firewall already existed in the system, the association state remains the same.

            Procedure
              Step 1   In the Navigation pane, click the Administration tab.
              Step 2   In the Navigation pane, click the Operations subtab.
              Step 3   In the Navigation pane, click the Backups node.
              Step 4   In the Work pane, click the Create Import Operation link.
              Step 5   In the Create Import Operation dialog box, complete the following fields:
              Name Description

              Admin State radio button

              This can be:
              • enabledCisco VNMC runs the import operation as soon as you click OK.
              • disabledCisco VNMC does not run the import operation when you click OK. If you select this option, all fields in the dialog box remain visible.

              Action radio button

              The action to be taken on the file. This can be:
              • merge
              • replace

              Protocol radio button

              The protocol to use when communicating with the remote server. This can be:
              • FTP
              • SCP
              • SFTP
              • TFTP

              Hostname field

              The hostname or IP address of the location where the backup file is stored.

              Note   

              If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.

              The hostname cannot be changed when editing the operation.

              User field

              The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.

              Password field

              The password for the remote server username. This field does not apply if the protocol is TFTP.

              Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.

              Remote File Prefix field

              The full path to the import configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.

              Step 6   Click OK.

              Editing an Import Operation

              Before You Begin

              Obtain the backup server IP address and authentication credentials.

              Procedure
                Step 1   In the Navigation pane, click the Administration tab.
                Step 2   In the Navigation pane, click the Operations subtab.
                Step 3   In the Navigation pane, click the Backups node.
                Step 4   In the Work pane, expand the items in the table, and select the import operation you want to edit.
                Step 5   Click the Edit link.
                Step 6   In the Edit dialog box, modify the fields as appropriate:
                Name Description

                Admin State radio button

                This can be:
                • enabledCisco VNMC runs the import operation as soon as you click OK.
                • disabledCisco VNMC does not run the import operation when you click OK. If you select this option, all fields in the dialog box remain visible.

                Action radio button

                The action to be taken on the file. This can be:
                • merge
                • replace

                Protocol radio button

                The protocol to use when communicating with the remote server. This can be:
                • FTP
                • SCP
                • SFTP
                • TFTP

                Hostname field

                The hostname or IP address of the location where the backup file is stored.

                Note   

                If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.

                The hostname cannot be changed when editing the operation.

                User field

                The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.

                Password field

                The password for the remote server username. This field does not apply if the protocol is TFTP.

                Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.

                Remote File Prefix field

                The full path to the import configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.

                Step 7   Click OK.

                Deleting an Import Operation

                Procedure
                  Step 1   In the Navigation pane, click the Administration tab.
                  Step 2   In the Navigation pane, click the Operations subtab.
                  Step 3   In the Navigation pane, click the Backups node.
                  Step 4   In the Work pane, expand the items in the table, and select the import operation you want to delete.
                  Step 5   Click the Delete link.
                  Step 6   In the Confirm dialog box, click OK.

                  Configuring Export Operations

                  Creating an Export Operation

                  Before You Begin

                  Obtain the backup server IP address and authentication credentials.

                  Important:

                  The association of compute firewalls with VSGs are not included in the export or import data. Only the compute firewall definitions are included, such as device profiles and policies. Therefore, if an imported compute firewall did not exist in the system, it will not be associated to any VSG after the import operation. If an imported firewall already existed in the system, the association state remains the same.

                  Procedure
                    Step 1   In the Navigation pane, click the Administration tab.
                    Step 2   In the Navigation pane, click the Operations subtab.
                    Step 3   In the Navigation pane, click the Backups node.
                    Step 4   In the Work pane, click the Create Export Operation link.
                    Step 5   In the Create Export Operation dialog box, complete the following fields:
                    Name Description

                    Admin State radio button

                    This can be:
                    • enabledCisco VNMC runs the export operation as soon as you click OK.
                    • disabledCisco VNMC does not run the export operation when you click OK. If you select this option, all fields in the dialog box remain visible.

                    Type radio button

                    The type of file. This can be:
                    • config-all
                    • config-logical
                    • config-system

                    Protocol radio button

                    The protocol to use when communicating with the remote server. This can be:
                    • FTP
                    • SCP
                    • SFTP
                    • TFTP

                    Hostname field

                    The hostname or IP address of the location where the backup file is stored.

                    Note   

                    If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.

                    The hostname cannot be changed when editing the operation.

                    User field

                    The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.

                    Password field

                    The password for the remote server username. This field does not apply if the protocol is TFTP.

                    Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.

                    Remote File Prefix field

                    The full path to the export configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.

                    Step 6   Click OK.

                    Editing an Export Operation

                    Before You Begin

                    Obtain the backup server IP address and authentication credentials.

                    Procedure
                      Step 1   In the Navigation pane, click the Administration tab.
                      Step 2   In the Navigation pane, click the Operations subtab.
                      Step 3   In the Navigation pane, click the Backups node.
                      Step 4   In the Work pane, expand the items in the table, and select the export operation you want to edit.
                      Step 5   Click the Edit link.
                      Step 6   In the Edit dialog box, modify the fields as appropriate:
                      Name Description

                      Admin State radio button

                      This can be:
                      • enabledCisco VNMC runs the export operation as soon as you click OK.
                      • disabledCisco VNMC does not run the export operation when you click OK. If you select this option, all fields in the dialog box remain visible.

                      Type radio button

                      The type of file. This can be:
                      • config-all
                      • config-logical
                      • config-system

                      Protocol radio button

                      The protocol to use when communicating with the remote server. This can be:
                      • FTP
                      • SCP
                      • SFTP
                      • TFTP

                      Hostname field

                      The hostname or IP address of the location where the backup file is stored.

                      Note   

                      If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.

                      The hostname cannot be changed when editing the operation.

                      User field

                      The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.

                      Password field

                      The password for the remote server username. This field does not apply if the protocol is TFTP.

                      Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.

                      Remote File Prefix field

                      The full path to the export configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.

                      Step 7   Click OK.

                      Deleting an Export Operation

                      Procedure
                        Step 1   In the Navigation pane, click the Administration tab.
                        Step 2   In the Navigation pane, click the Operations subtab.
                        Step 3   In the Navigation pane, click the Backups node.
                        Step 4   In the Work pane, expand the items in the table, and select the export operation you want to delete.
                        Step 5   Click the Delete link.
                        Step 6   In the Confirm dialog box, click OK.