Cisco Cisco Content Security Management Appliance M1070 User Guide
14-43
AsyncOS 9.0 for Cisco Content Security Management Appliances User Guide
Chapter 14 Common Administrative Tasks
Saving and Importing Configuration Settings
Configuration files with masked passwords cannot be loaded.
Regardless of the method, you must include the following tags at the top of your configuration:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE config SYSTEM "config.dtd">
<config>
... your configuration information in valid XML
</config>
The closing
</config>
tag should follow your configuration information. The values in XML syntax are
parsed and validated against the DTD located in the
configuration
directory on your Cisco Content
Security appliance. The DTD file is named
config.dtd
. If validation errors are reported at the command
line when you use the
loadconfig
command, the changes are not loaded. You can download the DTD to
validate configuration files outside of the appliance before uploading them.
In any import method, you can import an entire configuration file (the information defined between the
highest level tags:
highest level tags:
<config></config>
), or a complete and unique subsection of the configuration file,
as long as it contains the declaration tags (above) and is contained within the
<config></config>
tags.
“Complete” means that the entire start and end tags for a given subsection as defined by the DTD are
included. For example, uploading or pasting the following code causes validation errors:
included. For example, uploading or pasting the following code causes validation errors:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE config SYSTEM "config.dtd">
<config>
<autosupport_enabled>0</autosu
</config>
However, uploading or pasting the following code does not cause validation errors:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE config SYSTEM "config.dtd">
<config>
<autosupport_enabled>0</autosupport_enabled>
</config>
“Unique” means that the subsection of the configuration file being uploaded or pasted is not ambiguous
for the configuration. For example, a system can have only one hostname, so uploading the following
code (including the declarations and
for the configuration. For example, a system can have only one hostname, so uploading the following
code (including the declarations and
<config></config>
tags) is allowed:
<hostname>mail4.example.com</hostname>
However, a system can have multiple listeners defined, each with different Recipient Access Tables
defined, so uploading only the following code is considered ambiguous:
defined, so uploading only the following code is considered ambiguous:
<rat>
<rat_entry>
<rat_address>ALL</rat_address>
<access>RELAY</access>
</rat_entry>
</rat>
Because it is ambiguous, it is not allowed, even though it is “complete” syntax.
Caution
When uploading or pasting a configuration file or subsections of a configuration file, you have the
potential to erase uncommitted changes that may be pending.
potential to erase uncommitted changes that may be pending.