Chapter 2. Firewall Configuration and Management

2.0. Introduction

This chapter builds on Chapter 1 and describes how to manage the movement of data onto and off the firewall. We also describe some best-practice approaches for controlling access to, and managing, ScreenOS in your environment.

2.1. Use TFTP to Transfer Information to and from the Firewall

Problem

You are troubleshooting an issue and need to save captured data currently on the firewall to a file, back up the current configuration, and then upload a new version of code, all with the Trivial File Transfer Protocol (TFTP).

Solution

Use the "redirect to TFTP" capability in the CLI to copy the information to your TFTP server:

	top-ssg140-> get log event > tftp 10.251.7.113 eventlog.txt
	redirect to 10.251.7.113,eventlog.txt
	!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
	tftp transferred records = 15
	tftp success!
	top-ssg140->

Then, back up the existing configuration:

	top-ssg140-> save config to tftp 10.251.7.113
	    borderfw1_config_021107_1215.txt
	Read the current config.
	Save configurations (3918 bytes) to borderfw1_config_021107_1215.txt
	on TFTP server 10.251.7.113.
	!!!!!!!!!!!!!!!!!!!
	tftp transferred records = 8
	tftp success!!

	TFTP Succeeded
	top-ssg140->

Lastly, copy the new version of the ScreenOS software to your firewall and save it:

	top-ssg140-> save software from tftp 10.251.7.113 ssg140.6.0.0r1.0
	    to flash
	Load software from 10.251.7.113/ssg140.6.0.0r1.0 .
	!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
	...
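
TFTP has no authentication or integrity protection, so it is worth confirming on the server that the configuration backup above arrived intact. The following Python check is an added example, not code from the book: it parses the captured CLI session, compares the byte count the firewall reported with the file in the TFTP root, and records a SHA-256 digest. The function names, the captured-session string and the TFTP root path are assumptions, as is a binary (octet) transfer in which the reported byte count equals the file size.

```python
import hashlib
import re
from pathlib import Path

# Constructed sample: the backup session output from this recipe as captured text.
SAMPLE_SESSION = """\
top-ssg140-> save config to tftp 10.251.7.113 borderfw1_config_021107_1215.txt
Read the current config.
Save configurations (3918 bytes) to borderfw1_config_021107_1215.txt
on TFTP server 10.251.7.113.
!!!!!!!!!!!!!!!!!!!
tftp transferred records = 8
tftp success!!
"""

# Matches the firewall's own report of size, file name and server.
SAVE_RE = re.compile(
    r"Save configurations \((\d+) bytes\) to (\S+)\s+"
    r"on TFTP server (\d+(?:\.\d+){3})"
)


def parse_backup(session):
    """Return (size, filename, server) for a successful save, else None."""
    m = SAVE_RE.search(session)
    if m is None or "tftp success" not in session[m.end():]:
        return None
    return int(m.group(1)), m.group(2), m.group(3)


def verify_backup(session, tftp_root):
    """Check the received file against the size the firewall reported."""
    parsed = parse_backup(session)
    if parsed is None:
        return {"ok": False, "reason": "no successful save in session"}
    size, name, _server = parsed
    # Keep only the base name so the lookup stays inside the TFTP root.
    path = Path(tftp_root) / Path(name).name
    if not path.is_file():
        return {"ok": False, "reason": "file missing on server"}
    data = path.read_bytes()
    if len(data) != size:
        return {"ok": False, "reason": f"size {len(data)} != reported {size}"}
    # Record the digest so later copies of the backup can be compared to it.
    return {"ok": True, "file": path.name,
            "sha256": hashlib.sha256(data).hexdigest()}
```

Store the returned digest somewhere other than the TFTP server so that a later change to the backup file can be detected.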
