Question : backup cisco router config.

hi,
i'm trobled by a project of backup 40 cisco routers' configuration, retrive syslog file at 6.00 pm, and generate the syslog into traffic statistic..

erm.. its quite a hugh chunk har...

can the experts out there, advise me on any of the issues...

: Þ Thanks for all your valuable comments.. :Þ

..All The Best To All Of You..

Answer : backup cisco router config.

6:00pm sounds like a crappy time to download syslog data - you might want to choose a time less likely to create network congestion problems for your users...

As for backing up the router configs, you can do this with a web spider, if you enable the HTTP server option on the routers, or you can write a simple automated telnet-type script to log into the routers and issue a 'show run', capturing the results (that's what we used to do at Wells Fargo). Perhaps a better solution would be to download the config via SNMP, but if you want an easy restore option, you could tftp-upload the config to a central tftp server, somewhere. Bear in mind, as you do these things, that the login process, entering your router, is typically done in the clear, leaving your administrative passwords easy to intercept - especially if the attacker knows that he needs to be listening, at the target location, at a specific time of the day or night. Worse, if you use the same (or similar) passwords on all of the routers, then a compromise of one, compromises them all. Be careful where you fling those passwords around to... :)

If you just want traffic statistics on the router, look into MRTG (the Multi-Router Traffic Grapher), available as freeware at http://people.ee.ethz.ch/~oetiker/webtools/mrtg/ - and to hell with trying to develop traffic statistics from the syslogs; get that data from the routers' own traffic counters and read-only SNMP community, in more-or-less real time. If the router configuration backup is a one-time, or rare occasion, thing, then go with the tftp option - that makes restoral easy, and to do it on only 40 routers, is not sucha terribly burdensome task, unless you have to do it every day, or some such - in which case, you would probably want to automate it, with something like a telnet-type script... :)

Hope that helps!

Random Solutions

Migrating Novell Netmail to Exchange

The server has rejected your login

Broken share paths with file server rename?

Cisco PIX 515E - Routing on same interface

Active Directory domain and DNS question

Mobile Broadband Cards

svchost.exe using 100% of CPU

Two users on One PC using VNC

Trust association interceptor

Help Desk Report