This article shows how to setup a sftp server to backup Cisco Collaboration suite, maybe many times you don´t have a Microsfot Windows Server for backing up your Cisco Servers.
FTP is insecure because the username and password are transmitted in clear text, you could have a man in the middle attack and obtain useful information. Is very recommended to use SFTP instead FTP to encrypt data during transfer,
For this scenario I used CentOS version 6.5 x64, Cisco Communications Manager version 10.5, and Cisco Unity Connection version 10.5.
First step:
- Install vsftp using yum
If you did not install it on CentOS setup process you can do it using yum.
[root@centos ~]# yum install vsftpd
- Generate a Certificate
You will use OpenSSL to generate a certificate to use it with vsftpd.
[root@centos ~]# openssl req -x509 -nodes -days 1095 -newkey rsa:1024 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem
You have to answer the questions that are prompted, when you finish the certificate will be installed at /etc/vsftpd directory.
- Configure vsftpd
You have to enable ssl to work with vsftpd, to do it add the following lines to the end of file /etc/vsftpd/vsftpd.conf
ssl_enable=yes
allow_anon_ssl=no
force_local_data_ssl=no
force_local_logins_ssl=no
ssl_tlsv1=yes
ssl_sslv2=no
ssl_sslv3=no
rsa_cert_file=/etc/vsftpd/vsftpd.pem
- Restart vsftpd service
To apply settings restart service
[root@centos ~]# /etc/rc.d/init.d/vsftpd restart
- Create a user on CentOS for backup, in this case my username is backup and password is passwordbackup
[root@centos ~]# useradd backup
[root@centos ~]# passwd backup
Changing password for user backup.
New password:
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
- Make a backup directory and change the owner to new user
[root@centos ~]# mkdir /cisco/CUCM
[root@centos ~]# mkdir /cisco/CUC
[root@centos ~]# chown -R backup:backup /cisco/CUCM
[root@centos ~]# chown -R backup:backup /cisco/CUC
- Open CUCM Disaster Recovery URL and login
https://cucm-ip-address/drf/showhome.do
Then click under Backup>Backup Device
Add new backup device
Fill all the requirement settings and save
Finally test the backup device, click under Backup>Manual Backup
Select Device Name and features, in this case UCM and CDR_CAR, then click Start Backup button
Thats all!!! Next step is to generate a Schedule backup.
I hope this information is helpful.
Thanks for reading.
No comments:
Post a Comment