4 Replies Latest reply on Jan 15, 2015 3:59 AM by wilsonpl8

    ASA backup issue




      I am trying to backup an ASA config using Device.Backup.TFTP and when I run it I receive this error:


      Device Type: Cisco.Firewall.ASA has not yet had this functionality added. Skipping this device.


      I was wondering if anyone knew what would be causing this error? My guess is that something needs to be added to the Cisco.Firewall.ASA script to give it functionality (please correct me if I am wrong) and then it should start working. If this is correct, can someone please guide me through the process of getting this started.


      Thank you,



        • Re: ASA backup issue
          Steve Welsh

          Hi Johnathan,


          The message you are seeing in CatTools is not an error with the activity as such.  That particular activity (Device.Backup.TFTP) is simply not supported for that device.

          For information on which activities are supported on which device types, take a look at the online device matrix.


          With respect to backing up of the ASA, the recommended activity to use is the Device.Backup.Running Config activity.


          Give this one a try and let me know how you get on (or if you need any help setting it up).


          Kind regards,



            • Re: ASA backup issue

              With respect to backing up of the ASA, the recommended activity to use is the Device.Backup.Running Config activity.


              Hi Steve,


              Have just started using Kiwi CatTools to replace existing perl scripts we have doing our backups of running configs on Cisco 3750 switches and ASA firewalls.


              The switches seem to backup running config just fine, however for the ASA firewalls even though I set device Type to be Cisco.Firewall.ASA the Device.Backup.Running.Config activity doesn't seem to adjust itself for the specifics of the ASA platform that are important to note:-


              1. "show running-config" will not backup pre-shared-key's of Tunnel Groups. In order to get a full true backup you need to run "more system:running-config"

              2. I notice in the CatTools debug logs "Stepping past <--- More --->" which indicates it hasn't run "terminal pager 0" which is the ASA equivalent of "term len 0" on IOS so that you don't get more prompts when dumping config.


              It seems to me that CatTools needs some programming changes to better handle ASA firewall config backups... what's the chances of getting that to happen ? I imagine it should be pretty easy since it's possible to specifiy a device type of Cisco.Firewall.ASA which I envisaged would have already known the best way to backup an ASA running-config.


              Or do I need to manually write my command set under a different backup activity of CatTools to properly backup our ASA firewalls here ?



              • Re: ASA backup issue

                Hi Steve - We are also having the same issue that Johnathan was having and also that Suntory has alluded too.


                Is it likely that Cisco ASA's will become supported for the Device.Backup.TFTP activity, to ensure that the pre-shared keys are backed up? The activity appears to work successfully for Cisco Pix Firewalls.




              • Re: ASA backup issue

                That worked perfectly. Thank you very much!