ATP500 config backup ready to restore on Zywall-210

phphil Posts: 37  Freshman Member
First Anniversary 10 Comments Friend Collector
edited June 2021 in Security
Dear Zyxel Community, 

Any chance to automate a complete configuration backup of an ATP500 firewall: 
  1. overall configuration
  2. firmware version
  3. certificates
The point 3) is the one I'm more concerned of, because I've asked a similar question before when I was doing the migration from Zywall210 to ATP500, and the answer was that I cannot migrate self signed certificate from one firewall to another. 

We need to be able, in case of disaster, to restore a firewall on the backup site with the same configurations, if we must use a new certificate then we will have to replace it on all the clients (client to site VPN) and they are several so it will take a considerable time only for this step. 

If it really impossible to migrate self signed certificates from one firewall to another, should we consider to switch to a "real" certificate with certification authority? 


For the point 1) I know you can schedule a backup from 
Configuration > file manager > configuration file > scheduled backup  
and send it through email, but I don't really like to sent it through email, is it possible to copy it using ssh (scp/sftp) --> where is stored the configuration backup on the filesystem? 

The point 2) should not be a problem, we keep track of the currently used firmware, and we can download it from Download Library - ATP500 | ZyXEL if necessary to restore to a new firewall. 

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,366  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @phphil  

    For certificate, you can export self-signed certificate with private key.

    Then it will able to import to new device after entered correct password what you entered.

    Current configuration backup program, it is only support to save config by SMTP or local database.

Security Highlight