Backing Up Your Cisco Configurations 101

It is best practice to back up your device’s configuration state early and often. Cisco devices provide a variety of options to do just that, whether it be through an FTP server, TFTP server, Ansible, or to a local machine.

How Often Should Configurations Be Backed Up?

First and foremost, back up your configuration state prior to any updates to the network. This will ensure you have a fresh copy of your prior configuration to fall back on in case the changes you push break something.

The frequency of your backups will depend on the state of your network and how often it changes. It is best practice to do it at least weekly, but if you have a large enterprise network that is constantly changing you may want to do backups daily. The window in which you do them daily/weekly will also depend on when your changes are implemented.

If changes are being made all day long, it may be best to do a snapshot on the configuration both at the start and end of the day, but if changes are only made on Thursday at 7pm, it may be best to schedule backups to be updated sometime after the change window like 2am the following morning.

If you're looking for other Cisco technical information, look here.

Wondering what we have in stock? Go here.

How Can I Backup My Current Configuration?

Option 1: Use a TFTP Server on the Network for Backup and Restoring Configurations

1. Assuming you have a local TFTP server, setting up the following configuration will allow you to back up your running configuration to the local TFTP server (applies to both routers and switches; we use a router in this example): 

Copy the configuration to the TFTP server:

2. To ensure you do not have any future security issues, open your configuration file in a text editor like Notepad ++ and remove any of the configuration settings starting with ‘AAA’.

3. To test out the saved configuration on a different device we can now attempt to pull the configuration from the TFTP server to a different router.

Option 2: Use an FTP Server on the Network to Backup and Restore Configurations

1. Assuming you have a local FTP server, setting up the following configuration will allow you to back up your running configuration to the local FTP server (applies to both routers and switches; we use a router in this example):

Copy the configuration to the FTP server:

2. To ensure you do not have any future security issues, open your configuration file in a text editor like Notepad++ and remove any of the configuration settings starting with ‘AAA’.
3. To test out the saved configuration on a different device we can now attempt to pull the configuration from the FTP server to a different router.

Configure privileged access for FTP configuration file transfers:

If you're not sure which option to use, speak with a specialist by clicking below. We have engineers ready to chat through any problem and guide you through your configurations.

Configuration Versioning

Cisco devices allow you to archive configurations to the local flash storage. When setting the configuration you create a file path, set the maximum number of files you want to store, and can optionally add a timestamp to the saved files. When you hit the maximum number of files stored, the oldest will be deleted, and the newest file will take its place.

How To Setup a Configuration Archive

PivIT Troubleshooting Tips

The ability to troubleshoot what configurations are being saved, when, and where can help prevent disaster when you need those backup configurations the most. The following commands allow you to view the logs of your configuration archive process:

Before we wrap up with a few alternative Open-Source Options, here are other configuration guides our readers have found useful in their processes.

• Cisco IOS DHCP Server Configuration
• Configuration Guide: Routing Between VLANs
• Back to the Basics: Cisco ASA Firewall Configuration Guide

Alternative Open-Source Options

1. Oxidized
   PivIT can implement open-source tools like Oxidized (https://github.com/ytti/oxidized) to help optimize configuration backups through the utilization of REST APIs and version control with Git. Oxidized is typically run in a Linux-based environment and can interact with over 130 operating systems.
   
2. Ansible
   Ansible is another open-source automation tool that is maintained by Red Hat. It can be used to provision, configure, and manage large-scale deployments. This allows you to push and pull configurations at will. You can automate the backup process of your configuration to a local or external storage location with some programmatic functionality.

Don't Go IT Alone

We have expert engineers on hand 24/7 to help you navigate any roadblock you are experiencing. Reach out -- we're here to help!