Support User Manuals

Cisco Systems IPS4520K9 Network Router User Manual

Open as PDF

of 460

E-6

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

OL-24002-01

Appendix E Troubleshooting

Disaster Recovery

************************ WARNING *******************************************************

UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED. This account is intended to be

used for support and troubleshooting purposes only. Unauthorized modifications are not

supported and will require this device to be reimaged to guarantee proper operation.

****************************************************************************************

Disaster Recovery

Follow these recommendations so that you are ready in case of a disaster:

•

If you are using the CLI, IDM, or IME for configuration, copy the current configuration from the

sensor to an FTP or SCP server any time a change has been made.

•

You should note the specific software version for that configuration. You can apply the copied

configuration only to a sensor of the same version.

•

You also need the list of user IDs that have been used on that sensor. The list of user IDs and

passwords are not saved in the configuration.

When a disaster happens and you need to recover the sensor, try the following:

1.

Reimage the sensor.

2.

Log in to the sensor with the default user ID and password—cisco.

Note

You are prompted to change the cisco password.

3.

Initialize the sensor.

4.

Upgrade the sensor to the IPS software version it had when the configuration was last saved and

copied.

Warning

Trying to copy the saved configuration without getting the sensor back to the same IPS software

version it had before the disaster can cause configuration errors.

5.

Copy the last saved configuration to the sensor.

6.

Update clients to use the new key and certificate of the sensor. Reimaging changes the sensor SSH

keys and HTTPS certificate, so you must add the hosts back to the SSN known hosts list.

7.

Create previous users.

For More Information

•

For the procedure for backing up a configuration file, see Creating and Using a Backup

Configuration File, page E-2.

•

For the procedures for reimaging a sensor, see Chapter D, “Upgrading, Downgrading, and Installing

System Images.”

•

For the procedure for using the setup command to initialize the sensor, see Appendix B,

“Initializing the Sensor.”

•

For more information on obtaining IPS software and how to install it, see Obtaining Cisco IPS

Software, page C-1.

previous next