8-65
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter8 Managing Deployment
Rolling Back Configurations

Commands to Recover from Failover Misconfiguration after Rollback

If a switchover happens during rollback and the two units are no longer synchronized, you might need
to use the following commands to recover:
failover active group_number
failover reset group_number
failover reload-standby
clear configure failover
For more information on these commands, please refer to the command reference for your security
appliance.
Related Topics
Rolling Back Configurations to Devices Using the Deployment Manager, page8-65
Using Rollback to Deploy Archived Configurations, page8-66
Commands that Can Cause Conflicts after Rollback, page 8-64
Rolling Back Configurations to Devices Using the Deployment Manager
If you deploy configurations to devices and then determine that there is something wrong with the new
configurations, you can revert to and deploy the previous configurations for those devices. You cannot
roll back to a previous configuration if there are no previous configurations in the Configuration Archive.
You can roll back configurations only to configurations that were deployed to the device, not to a file.
For information on how to roll back a configuration that was deployed to a file, see Performing Rollback
When Deploying to a File, page 8-67.
You can also use the Configuration Archive tool to roll back to any configuration archived from a device.
For more information, see Using Rollback to Deploy Archived Configurations, page8-66.
Caution Roll back configurations only in extreme circumstances. It is usually a better idea to fix the configuration
in Security Manager and deploy the fixed configuration, because rolling back a configuration creates a
situation where the configuration defined in Security Manager is not the same one running on the device.
After rollback, you should rediscover policies on the device to make the device configuration and its
configuration in Security Manager consistent. Roll back configurations only in extreme circumstances.
Before proceeding, read the following topics.
Understanding Configuration Rollback, page 8-59
Understanding Rollback for Devices in Multiple Context Mode, page8-61
Understanding Rollback for Failover Devices, page8-61
Understanding Rollback for Catalyst 6500/7600 Devices, page 8-61
Understanding Rollback for IPS and IOS IPS, page 8-62
Commands that Can Cause Conflicts after Rollback, page 8-64
Commands to Recover from Failover Misconfiguration after Rollback, page8-65