Restoring the Cisco VNMC Software to the Backup Configuration
Restoring the Cisco VNMC Software to the Backup Configuration
Procedure
Step 1
Install the Cisco VNMC virtual machine (VM).
For details, see the Cisco Virtual Security Gateway, Release 4.2(1)VSG1(1) and Cisco Virtual Network Management Center, Release 1.0.1 Installation Guide.
Step 2
Uninstall the Cisco VSG policy agents.
Connect the Secure Shell to the Cisco VSG console for this task. This step does not cause a traffic disruption.
Example:
vsg# conf t
vsg (config)# vnm-policy-agent
vsg (config-vnm-policy-agent)# no policy-agent-image
Note
Perform this step for all Cisco VSGs that are associated with the Cisco VNMC that you are restoring.
Step 3
Uninstall the VSM policy agents.
Connect the Secure Shell to the VSM console for this task. This step does not cause a traffic disruption.
Example:
vsm# conf t
vsm (config)# vnm-policy-agent
vsm (config-vnm-policy-agent)# no policy-agent-image
Note
Perform this step for all VSMs that are associated with the Cisco VNMC you are restoring.
Step 4
Restore the Cisco VNMC database.
Connect the Secure Shell to the Cisco VNMC CLI for this task. Depending upon your Cisco VNMC backup location, restore using File Transfer Protocol (FTP), Secure Copy (SCP), Trivial File Transfer Protocol (TFTP), or Secure File Transfer Protocol (SFTP).
In the Cisco VNMC GUI, click Administration > Service Registry > Clients, and in the Work pane do the following:
Wait until each registered VSM displays the operational status as lost-visibility.
Choose each VSM, and click the Delete Client icon.
Step 6
In the Cisco VNMC GUI, click Resource Management > Resources > Virtual Supervisor Modules, and verify that the deleted VSMs are not visible.
Step 7
Reinstall the VSM policy agents.
Note
If the VSM policy agents must be upgraded, install the new software now.
Example:
VSM# conf t
VSM (config)# vnm-policy-agent
VSM (config-vnm-policy-agent)# policy-agent-image bootflash:vnmc-vsmpa.1.0.1g.bin
Step 8
Wait until all the VSMs have registered in the Service Registry and are displayed under Resource Management > Resources > Virtual Supervisor Modules.
Step 9
Reinstall the Cisco VSG policy agents.
Note
If the Cisco VSG policy agents must be upgraded, install the new software now.
Example:
VSG# conf t
VSG (config)# vnm-policy-agent
VSG (config-vnm-policy-agent)# policy-agent-image bootflash:vnmc-vsgpa.1.0.1g.bin
Step 10
Verify the following states after the restore process is complete:
Note
The restore process could take a few minutes depending upon your setup environment.
On the Cisco VSG CLI, verify that your configurations are restored to their earlier state.
On the Cisco VNMC GUI, verify that your objects and policies are restored to their earlier state.
Configuring Backup Operations
Creating a Backup Operation
Before You Begin
Obtain the backup server IP address and authentication credentials.
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, click the Create Backup Operation link.
Step 5
In the
Create Backup Operation dialog box, complete the following fields:
Name
Description
Admin State radio button
This can be:
enabled—Cisco VNMC runs the backup operation as soon as you click OK.
disabled—Cisco VNMC does not run the backup operation when you click OK. If you select this option, all fields in the dialog box remain visible.
Type field
The information saved in the backup configuration file.
Full state—A copy of the database file. You can use this file for disaster recovery if you need to recreate every configuration on the Cisco VNMC.
Protocol radio button
The protocol to use when communicating with the remote server. This can be:
FTP
SCP
SFTP
TFTP
Hostname field
The hostname or IP address of the location where the backup file is stored.
Note
If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.
The hostname cannot be changed when editing the operation.
User field
The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.
Password field
The password for the remote server username. This field does not apply if the protocol is TFTP.
Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.
Remote File field
The full path to the backup configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.
Step 6
Click
OK.
Running a Backup Operation
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click and expand the Backups node.
Step 4
In the Navigation pane, click the file you want to run.
Step 5
In the Work pane, click on the Properties tab.
Step 6
In the Properties area, complete the following fields:
In the Admin State field, click the enabled button.
For all the protocols, except TFTP, enter the password for the username in the Password field.
(Optional) Change the content of the other available fields.
Step 7
Click
Save.
Cisco VNMC takes a snapshot of the configuration type that you selected and exports the file to the network location.
Step 8
(Optional) To view the progress of the backup operation, click the FSM tab in the pane. The backup operation continues to run until it is completed.
Editing a Backup Operation
Before You Begin
Obtain the backup server IP address and authentication credentials.
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, expand the items in the table, and select the backup operation you want to edit.
Step 5
Click the Edit link.
Step 6
In the
Edit dialog box, modify the fields as appropriate:
Name
Description
Admin State radio button
This can be:
enabled—Cisco VNMC runs the backup operation as soon as you click OK.
disabled—Cisco VNMC does not run the backup operation when you click OK. If you select this option, all fields in the dialog box remain visible.
Type field
The information saved in the backup configuration file.
Full state—A copy of the database file. You can use this file for disaster recovery if you need to recreate every configuration on the Cisco VNMC.
Protocol radio button
The protocol to use when communicating with the remote server. This can be:
FTP
SCP
SFTP
TFTP
Hostname field
The hostname or IP address of the location where the backup file is stored.
Note
If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.
The hostname cannot be changed when editing the operation.
User field
The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.
Password field
The password for the remote server username. This field does not apply if the protocol is TFTP.
Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.
Remote File field
The full path to the backup configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.
Step 7
Click
OK.
Deleting a Backup Operation
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, expand the items in the table, and select the backup operation you want to delete.
Step 5
Click the Delete link.
Step 6
In the
Confirm dialog box, click OK.
Configuring Import Operations
Creating an Import Operation
Before You Begin
Obtain the backup server IP address and authentication credentials.
Important:
The association of compute firewalls with VSGs are not included in the export or import data. Only the compute firewall definitions are included, such as device profiles and policies. Therefore, if an imported compute firewall did not exist in the system, it will not be associated to any VSG after the import operation. If an imported firewall already existed in the system, the association state remains the same.
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, click the Create Import Operation link.
Step 5
In the
Create Import Operation dialog box, complete the following fields:
Name
Description
Admin State radio button
This can be:
enabled—Cisco VNMC runs the import operation as soon as you click OK.
disabled—Cisco VNMC does not run the import operation when you click OK. If you select this option, all fields in the dialog box remain visible.
Action radio button
The action to be taken on the file. This can be:
merge
replace
Protocol radio button
The protocol to use when communicating with the remote server. This can be:
FTP
SCP
SFTP
TFTP
Hostname field
The hostname or IP address of the location where the backup file is stored.
Note
If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.
The hostname cannot be changed when editing the operation.
User field
The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.
Password field
The password for the remote server username. This field does not apply if the protocol is TFTP.
Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.
Remote File Prefix field
The full path to the import configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.
Step 6
Click
OK.
Editing an Import Operation
Before You Begin
Obtain the backup server IP address and authentication credentials.
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, expand the items in the table, and select the import operation you want to edit.
Step 5
Click the Edit link.
Step 6
In the
Edit dialog box, modify the fields as appropriate:
Name
Description
Admin State radio button
This can be:
enabled—Cisco VNMC runs the import operation as soon as you click OK.
disabled—Cisco VNMC does not run the import operation when you click OK. If you select this option, all fields in the dialog box remain visible.
Action radio button
The action to be taken on the file. This can be:
merge
replace
Protocol radio button
The protocol to use when communicating with the remote server. This can be:
FTP
SCP
SFTP
TFTP
Hostname field
The hostname or IP address of the location where the backup file is stored.
Note
If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.
The hostname cannot be changed when editing the operation.
User field
The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.
Password field
The password for the remote server username. This field does not apply if the protocol is TFTP.
Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.
Remote File Prefix field
The full path to the import configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.
Step 7
Click
OK.
Deleting an Import Operation
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, expand the items in the table, and select the import operation you want to delete.
Step 5
Click the Delete link.
Step 6
In the
Confirm dialog box, click OK.
Configuring Export Operations
Creating an Export Operation
Before You Begin
Obtain the backup server IP address and authentication credentials.
Important:
The association of compute firewalls with VSGs are not included in the export or import data. Only the compute firewall definitions are included, such as device profiles and policies. Therefore, if an imported compute firewall did not exist in the system, it will not be associated to any VSG after the import operation. If an imported firewall already existed in the system, the association state remains the same.
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, click the Create Export Operation link.
Step 5
In the
Create Export Operation dialog box, complete the following fields:
Name
Description
Admin State radio button
This can be:
enabled—Cisco VNMC runs the export operation as soon as you click OK.
disabled—Cisco VNMC does not run the export operation when you click OK. If you select this option, all fields in the dialog box remain visible.
Type radio button
The type of file. This can be:
config-all
config-logical
config-system
Protocol radio button
The protocol to use when communicating with the remote server. This can be:
FTP
SCP
SFTP
TFTP
Hostname field
The hostname or IP address of the location where the backup file is stored.
Note
If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.
The hostname cannot be changed when editing the operation.
User field
The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.
Password field
The password for the remote server username. This field does not apply if the protocol is TFTP.
Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.
Remote File Prefix field
The full path to the export configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.
Step 6
Click
OK.
Editing an Export Operation
Before You Begin
Obtain the backup server IP address and authentication credentials.
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, expand the items in the table, and select the export operation you want to edit.
Step 5
Click the Edit link.
Step 6
In the
Edit dialog box, modify the fields as appropriate:
Name
Description
Admin State radio button
This can be:
enabled—Cisco VNMC runs the export operation as soon as you click OK.
disabled—Cisco VNMC does not run the export operation when you click OK. If you select this option, all fields in the dialog box remain visible.
Type radio button
The type of file. This can be:
config-all
config-logical
config-system
Protocol radio button
The protocol to use when communicating with the remote server. This can be:
FTP
SCP
SFTP
TFTP
Hostname field
The hostname or IP address of the location where the backup file is stored.
Note
If you use a hostname rather than an IP address, you must configure a DNS server in Cisco VNMC.
The hostname cannot be changed when editing the operation.
User field
The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP.
Password field
The password for the remote server username. This field does not apply if the protocol is TFTP.
Cisco VNMC does not store this password. Therefore, you do not need to enter this password unless you intend to enable and run the backup operation immediately.
Remote File Prefix field
The full path to the export configuration file. This field can contain the filename as well as the path. If you omit the filename, the backup procedure assigns a name to the file.
Step 7
Click
OK.
Deleting an Export Operation
Procedure
Step 1
In the Navigation pane, click the Administration tab.
Step 2
In the Navigation pane, click the Operations subtab.
Step 3
In the Navigation pane, click the Backups node.
Step 4
In the Work pane, expand the items in the table, and select the export operation you want to delete.