Setting up a Disaster Recovery (DRS) SFTP Server for CUCM

I’m sure this will only be an issue for a few, but every once in a while you have a need for DRS. DRS is one of those set-it-and-forget-it type services where once it’s set up, you’ll never even think about it again until you need it, which by that point may be too late. Without getting into any details, I recently had the need to set up an SFTP server for DRS and had ended up spending far too much time on this one small topic.

Here’s the problem, nobody wants to spend the money on backup systems such as this that serve no active purpose. Cisco recommends TitanFTP, which a single license costs over $1,200. This doesn’t really seem like too much for a solid backup solution to your organizations telephony systems, but for a budget conscious organization, it may just be inconvenient to ask when there are other free options.

Note – One important consideration is that if you intend to use this SFTP server for cisco system upgrades, you will need to bit an option that does not have a file size limit, or at minimum one that is over 4GB. For this post, I selected the solarwinds SFTP server which does not meet system upgrade requirements. There are free options out there that provide this that aren’t mentioned in this article.

Second Note – Starting with Windows Server 2019, OpenSSH is built into Windows! That’s right, the great OpenSSH, which has no file size limit and is a preferred Cisco SFTP is built directly into Windows. That’s convenient, right?

So here are a few options with some simple explanations:

Name: TitanFTP
Cost: $1,249.95
Pros:
– Recommended CUCM backup solution
– Easy to use
Cons
– Costly
Name: Cygwin/OpenSSH
Cost: Free
Pros:
– Recommended CUCM backup solution
– Free
– OpenSSH is adapted to run on Windows with Cygwin
Cons:
– Difficult to install configure
– Difficult to maintain
Name: FreeFTPd
Cost: Free
Pros:
– Free
– Easy to install
Cons:
– 1GB file size limit
– No longer supported by developer
Name: Solarwinds SFTP Server
Cost: Free with premium version available with network configuration manager suite.
Pros:
– Free
– Easy to install
– Easy to maintain
Cons:
– 4GB file size limit

In the past, I’ve used TitanFTP, which is a great solution and if your organization will pay for it, I absolutely recommend it.

For my situation, I decided to use the Solarwinds SFTP Server, so for anyone who is interested, here is how to install it.

First, you will need a windows based server within your organization. Even in my small organization, there was someone else who built the servers, so I can’t really go through that part with you, but I suspect you may find yourself in a similar situation. So lets just assume you have a server set up and on the domain. I’ll be using an AWS server for this example.

Log into your server, open a web browser, and Navigate to https://www.solarwinds.com/free-tools/free-sftp-server

Click on the Download Free Tool button. You will be taken to a new page asking for your information. Fill in your information and click on the Proceed to Free Download button.

Go ahead and click on this nice looking green Download Now button to download the .zip file.

Extract the .zip file and open it up to find the SftpServerInstall file. Go ahead and double click on that to get the installation started.

Check the accept terms, and then click Install.

Once it’s finished, just click on the Finish button.

Now lets open the Solarwinds SFTP server either from the start menu, or navigate to the folder (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolarWinds SFTP & SCP Server) and I recommend adding a shortcut to your desktop for easier access in the future.

Now, lets start configuring it. First, click on File > Configure…

You may want to change your Root Directory, but since we have a dedicated server for SFTP, I’m going to go ahead and stick with the default (C:\SFTP_Root) for the time being.

I don’t want SCP enabled, only SFTP, so under the Allowed Protocols I’m going to change the file transfer protocol to SFTP and the SSH protocol to SSH2.

Under Permitted File Transfer Operations, I want to allow existing file to be overwritten, but I don’t want renaming existing files on overwrite. Cisco has dates on all files, so if anything is renamed, it’s just going to be wasting space on the server.

Lets head over to the Users tab and set up our sftp user account. You may want to either add users for each system such as one for Cisco Unified Communications Manager (CUCM), a separate user for Cisco Unity Connection (CUC), and then a separate user for Cisco Unified Contact Center Express (UCCX). For this demonstration, I’m just going to set up a single user for all three, but in real life, I did go ahead and set up separate users with their own folders for manageability.

Click on the New User button. Type in the username and password. Make this username unique and purpose named. I’ll name mine cucmsftp and give it a password. Once you put in your credentials, hit Apply Changes.

Finally, head over to the Startup & System Tray tab and check the box for Automatically run this application when I log on to Windows.

Now that we have our configurations in place, lets hit OK to close the settings window.

We will be back at our original page and we want to get the service started. In the bottom left corner of the window it says Service status: Stopped. Go ahead and click on the arrow and select the Start option.

You will see the Service status change to Running, it will bind to 0.0.0.0, which just binds to all IP address on the server, which is fine for this situation. If you want that changed, it can be done in the settings. You will also see the messages saying the service has started.

Now that we have SolarWindows SFTP started up, lets head over to CUCM, CUC, UCCX, or whatever other system you’re backing up, and configure that.

In the upper right corner, click on the drop down box and select Disaster Recovery System, then hit the Go button.

Type in your credentials and hit Login.

In the menu, select Backup > Backup Device.

Click on the Add New button.

The first thing we need to do is give the device a name. This is arbitrary and affects nothing else. Next we have to add the hostname or IP address of our SFTP server, the path, username, and password. Since we used the root folder for SFTP and didn’t change any folder settings for our user, we will just use “/” as our path. Finally, lets set our number of backups to 3, that way we always have at least 3 days worth of backups.

Hit save, and then lets head over to set up a schedule. Select Backup > Scheduler.

Click on Add New.

Give it a schedule name, and then under Select Backup Device, select the device we created a moment ago.

Make sure to select all features that you want to back up, probably all of them.

Scroll down a bit to schedule. I want daily backups. Our start date must be in the future, and lets schedule for a time that network traffic will be low. I’ll target 2:00am. Once we have our selections made, hit Save.

One last thing, lets remember to enable our schedule, so after we add our device, go back to the schedule list and lets check our schedule and select Enable Selected Schedules.

That’s it!

You can run a manual backup if you want to test your new SFTP server.

Go ahead and leave a comment if you have any questions and lets discuss!

What is your favorite SFTP server to use?

Leave a Reply

Your email address will not be published. Required fields are marked *