Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
- backup script will exit without reason. - sf-restore.pl will indicate the file does not exist despite being present (permissions are wrong). "The backup file does not exist in /ngfw/var/sf/backup"
- Restoring FTD backup from a FMC managed device on a locally managed device. - Restoring FTD backup where permissions are not as the system would set. Proper permissions shown below: root@FTD_lab2:/var/sf/backup# ls -lah total 61M drwxr-xr-x 2 www www 4.0K Oct 12 15:37 . drwxr-xr-x 76 sfsnort sfsnort 4.0K Oct 11 20:22 .. -rw-r--r-- 1 www root 61M Oct 12 15:37 FTD1_lab2_Primary_20231012113349.tar
- Change file permissions to match system generated permissions: - chown www:root .tar - chmod 644 .tar - Ensure that the device is not "locally" managed - From CLISH: show managers - If the device is locally managed and the backup is from FMC managed: - From CLISH: configure manager delete - Check the restore.log file in /ngfw/var/log/restore.log for any more details.
- When running 'restore remote-manager-backup ' from CLISH the Script will exit without reason (incorrect permissions) > restore remote-manager-backup .tar Device model from backup :: Cisco Firepower 2140 Threat Defense This Device Model :: Cisco Firepower 2140 Threat Defense *********************************************** Backup Details *********************************************** Model = *** Software Version = *** Serial = *** Hostname = *** Device Name = *** IP Address = *** VDB Version = *** SRU Version = Manager IP(s) = *** Backup Date = *** Backup Filename = *** *********************************************** ********************* Caution **************************** Verify that you are restoring a valid backup file. Make sure that FTD is installed with same software version and matches versions from backup manifest before proceeding.(Running 'show version' command on FTD, displays Model Name and version details). Restore operation will overwrite all configurations on this device with configurations in backup. If this restoration is being performed on an RMA device then ensure old device is removed from network or powered off completely prior to proceeding with backup restore. ********************************************************** Are you sure you want to continue (Y/N) Y Exiting the script.. > - Or it will exit without the "Exiting the script..", (permissions corrected) ... Are you sure you want to continue (Y/N)Y Restoring device . . . . . . . . . . . . . . . . . . . . . . . . . . .> - sf-restore.pl will indicate the file does not exist despite being present (permissions are wrong). "The backup file does not exist in /ngfw/var/sf/backup" root@firepower:/ngfw/var/sf/backup# sf-restore.pl .tar & [1] 41808 root@firepower:/ngfw/var/sf/backup# Device model from backup :: Cisco Firepower 2140 Threat Defense This Device Model :: Cisco Firepower 2140 Threat Defense The backup file does not exist in /ngfw/var/sf/backup root@firepower:/ngfw/var/sf/backup# ls -lah total 363M drwxr-xr-x 2 www www 46 Oct 12 13:35 . drwxr-xr-x 71 root root 4.0K Oct 12 14:44 .. -rwxr-xr-x 1 www www 363M Oct 12 13:35 .tar - restore.log: Thu Oct 12 15:31:25 2023 Called with: .tar Thu Oct 12 15:31:25 2023 System has 32 processors. Grabbing 16 for restore. Thu Oct 12 15:31:25 2023 The following is available for restore Thu Oct 12 15:31:25 2023 CONFIG Thu Oct 12 15:31:25 2023 The device is managed by the local manager. Please remove the local manager and retry restore Thu Oct 12 15:31:35 2023 Device model from backup :: Cisco Firepower 2140 Threat Defense Thu Oct 12 15:31:35 2023 This Device Model :: Cisco Firepower 2140 Threat Defense