How to properly rollback configuration changes on Cisco devices

Recently, I had to reconfigure 20+ site-to-site VPN tunnels with IKEv2. Previously, they were running on IKEv1. But after a week time, we had to roll back the changes. One of my work colleague inquired about the rollback options. His plan was to use the command “copy start run“. But if we are looking at a full configuration rollback, we should be using the command “configure replace“.

The copy command MERGE the configuration but never replaces the configuration.  This command does not remove commands from the current running configuration that are not present in the source file. So, to overcome this issue, Cisco has released a command for this. The configure replace command provides the capability to replace the current running configuration with any saved Cisco IOS configuration file. This can be used to revert to a previous configuration state, effectively rolling back any configuration changes that were made since the previous configuration state was saved. 

In my case, the configuration backup was saved to the Flash: It does not matter where your configuration backup is located. 

So, to roll back the changes you may simply run the below command (without []).

configure replace [saved-config-archive]

 

How to copy an Image file to another network device

In general, we copy/upload IOS image files to either flash or bootflash from a TFTP server. In case of timeouts or network delays with the TFTP server, we could use either USB or Memory Slots in order to copy image files to a network device. Once you are done copying the image to flash/bootflash, we can simply configure the network device itself as a TFTP server and can be used to copy image files across other devices. 

NOTE: Please make sure all the devices are in the same subnet 

In our example, we have used 2 Routers. Router 01 is preloaded with the Image files and will be configured as the TFTP server. Router 02 will be the TFTP client. 

Step 01: Make sure, the image file is already copied to the file location (flash or bootflash)

# show bootflash:

Step 02: Configure the Router as a TFTP server. And then assign the relevant image file

(config)# tftp-server bootflash:/“imagename”

Step 03: Log into Router 02 and copy the Image file from the TFTP server (Router 01)

#copy tftp bootflash:

 

[source: Cisco KB]