System Archiving and Import/Export settings



  • Hello

    I am pretty new to Juniper world and SSL VPN.  😄  I would like to clarify what is the difference between system archiving and Exporting configuration.

    So far what I understand is you can use system archive to do the schedule while exporting doesn’t allow you to schedule.

    In export config, there are 2 types of export(system and user) and I believe you need to do both exports to save from blue moon day.

    So my questions are :

    1. Does system archive save everything including network setting, license, user roles/realms, resources?  What is difference from exporting?
    2. How to restore the archived files as there are multiple files?  Which file needed to be restored for what purpose?
    3. What is the best practice to DR purpose?

    Thanks in advance for your help.

    Regards.



  • Thanks for your information.  We are still in v 5.5 as already heard enough problems about v6.  :mrgreen:



  • Note that there appears to be a bug in 6.0R3 at least whereby when you send your archives automatically to an SCP server (maybe even FTP, I don’t know).  The IVE will log and trap that the archive operation failed, but the archive files are actually sent.  Juniper says it’s a known issue that will be fixed in a future release.



  • Hi Spacyfreak

    Thank you for your time and help.  Now I get clearer picture of how it works and what to do next.

    Do you have any idea on hostchecker which i posted in another thread?  Hehe… 😄

    Thanks again!

    Regards.



  • 1. Does system archive save everything including network setting, license, user roles/realms, resources?  What is difference from exporting?
    Yes, it saves EVERYTHING. Difference is the format, and you can do scheduled backups via archiving.

    2. How to restore the archived files as there are multiple files?  Which file needed to be restored for what purpose?
    You import archived system config, and then you import archived user accounts. When you have to restore, IVE sytem asks you, if you want to import everything or only some parts of the backup.

    3. What is the best practice to DR purpose?
    Use archiving on a scheduled basis to archive system config and user accounts. Use SCP and save it on a linux Server. You can also use a password for the config files, but i dont do that. SCP is save enough, and my linux server is save too.



  • The system config backup via archiving (i use scp) saves ALL the configuration will all settings and with all certificates. When you have to restore it on a new machine - all will be there. When you have to restore, you can choose, WHAT PARTS of that backup should be restored - maybe all without network settings, or all without certificates? Very comfortable and easy to handle.

    The user account backup contains the data of the users -for example when a user adds his own bookmarks for internal websites or network-drives, this is all saved in the users config. U can see the user accounts when you choose your Authentication Server (for example Active Directory), there is a field “users” where you see the names of the users who logged in to the IVE.

    The Export config via XML is a nice thing when you want to parse the config into another format for any reason. You can also “watch” the config which is exported in XML Format. But i never used it till now. Archiving is my prefered way of doing scheduled backups of system config and user accounts.


 

34
Online

38.4k
Users

12.7k
Topics

44.5k
Posts