Hi Forum members,
Currently I engaged a security vendor “Resecurity”.
Abit of info:
License is level 6.
Using two ISP for the routers
3 Vlans
So, my security vendor claimed the backup features only can be implemented with additional configuration and probably some scripting.
Due to my own mistake of misconfigurarion resulted to break the wan interface I believe. I accidentally executed the “default-configuration” on a live environment by doing print the config in CLI menu, then highlight the text with mouse and right click. The right click action causing the copied text to paste and execute.
So my vendor claimed I messed up the firewall until the whole system akin to reset. In order to rectify the issue, they labour cost amount to a few thousand dollars to USD7.4k.
Kindly please advise, or any expert willing to assist me.
Hi,
So, what the question is? Restore from non existant backup or what?
Thanks for your reply. To be more specific, vendor said Mikrotik is without the backup feature in place, and they trying to charge me huge amount of money for the reconfiguration back of the Mikrotik.
I tried using winbox to do backup without any issue. I also aware can use command line to perform the backup.
I need to ascertain that the backup is reliable to perform restoration like other firewall product capable of. I also want to made aware of my case to the forum members.
There are two ways to run a backup.
A binary backup and a script backup.
Both have their own limitations, pitfalls, advantages and disadvantages.
Use both and store away from device.
Hi all,
If use winbox as a backup, what is the limitation? Does the winbox backup is sufficient for a restoration?
Is pretty common firewall backup might not able to retain certificate, but should able to restore all config.
I don’t understand what are you trying to say
Winbox as a backup? Can you rephrase?
Using Winbox (or CLI) you can make 2 types of backup:
1- the real backup - binary file only to be used again on the exact same device for restore with the exact same ROS version (some exceptions but let’s not get there now)
2- export of config - text version of all CHANGED settings in config versus default. Theoretically this can be used to move to new device, in practice most use it as a guideline to copy-paste config back to new device, block by block (can be same one or new hardware, same ROS version or new version).
For both versions it is important to move the generated file away from your device because when your device crashes or becomes inaccessible for whatever reason, you can not reach that “backup” anymore. So again, move it to a safe place away from that device.
Thanks for the prompt response Holvoetn. Your explaination is very clear.