Cisco ASA Configuration Backup using SCP, TFTP & ASDM

In this article, we will discuss the Backup and Restore process of the Cisco ASA Firewall configuration. Cisco ASA provides you to take the backup using SCP, and TFTP.

If you are using ASDM, you can also export the configuration backup using ASDM.

Cisco ASA has two types of configuration, i.e., Startup Configuration and Running Configuration. As the name suggested, the startup configuration is the configuration that is available during the Firewall startup, and the running configuration is the real-time configuration. You can use the write mem command to copy the running configuration in the startup configuration.


Well, now let’s discuss the complete configuration backup process of the Cisco ASA Firewall.

Exporting Cisco ASA Configuration using SCP

First, we will use the SCP to export the Cisco ASA configuration. For this, you need to enable SSH access on Cisco ASA Firewall. Login to the Cisco ASA CLI, and execute the below command to enable SSH access.

Above configuration will enable SSH on the inside interfaces. Now, just execute the below command from Linux Terminal or Windows CMD:

Recommended:  Configure Cisco ASA Firewall for ASDM Access

If you want to change the directory and name of running-config, just replace “.” with the directory and file name. For Example:

Also, if want to export the configuration manually from the ASA enable mode, just use the below steps to export the firewall configuration:

Recommended:  Enable Telnet and SSH access to Cisco ASA Firewall

Exporting Cisco ASA Configuration using TFTP

Well, now we will export the running configuration using the TFTP. You need to login to the Cisco ASA and need to run the below commands to export the running configuration.

Exporting Cisco ASA Configuration using ASDM

Finally, we will export the running configuration of the Cisco ASA firewall using ASDM. The benefits of taking the backup from the ASDM, it provides you Certificates and WebVPN configuration as well.

Login to the Cisco ASA ASDM, and Navigate to Tools >Backup Configurations.

Recommended:  pfSense Firewall Quick Overview - Getting Started with pfSense


Select the configuration that you want to backup. In this example, I’m exporting the full configuration backup.


Once this process will be completed you will get the below message.


Now, you can navigate to the same file and use this to restore the configuration.

Related Articles


In this article, we have taken the backup of the Cisco ASA firewall using SCP, TFTP, and ASDM. We have discussed the multiple ways to take the backup of Cisco ASA using SCP. This will surely help you to save time during the backup process. Also, you can easily restore the restored backup in one click. If you are having issues while executing the mentioned commands, feel free to reach out to me in the comments.

Please share this article on social media platforms and shows us some love.

Support our work:

If you appreciate what we do and would like to contribute to our efforts, we kindly ask you to consider buying us a coffee. Your small donation can go a long way in helping us cover the costs of hosting, maintenance, and further development.

Please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us Support Us

We are always thankful for your never-ending support.

Leave a Reply

Your email address will not be published. Required fields are marked *