Home > Cisco > Configuration change monitoring and configuration backup on Cisco routers and switches

Configuration change monitoring and configuration backup on Cisco routers and switches

Here is a nice and easy way to keep track of configuration changes which take place on your Cisco IOS routers and switches. This configuration keeps all configuration commands logged on your syslog and also automatically backs up the latest version of your configuration as soon as you issue copy run start command. It will also automatically create a configuration backup at specified intervals (time-period).

archive
 log config
  logging enable
  hidekeys
 path ftp://<username>:<pass>@<ftp-server-ip>/$h/config
 write-memory
 time-period 43200

Depending on configuration of your FTP server you may need to create necessary folders in advance ($h in the path command above will translate into the router’s hostname). There is also a variable $t which you can use BUT not with Windows FTP server as colons used by Cisco in time stamps are not accepted by Windows file system, unfortunately.

With regard to the above you may also find these commands useful:

ip ftp source-interface <ifname>
logging source-interface <ifname>

Then it will be your headache to make sure that your FTP server is sound and secure and nobody can access the configuration files in transit and at rest. Also keep in mind that your FTP password is transmitted in clear text. You may be able to use HTTPS as transport for configuration backup (depends on your IOS version).

Advertisements
Categories: Cisco
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: