How to backup the configuration using FTP with read-only account over CLI to another subnet?
Our managing partner is using Auvik for monitoring and backup of Firebox configuration.
The Auvik agent is running on a server on different subnet at AWS VPC, and our Firebox M270 has VPN Interface with static route to that subnet at AWS. This VPN Interface works fine.
Auvik agent is using CLI to connect to Firebox and backup its configuration:
"export config to ftp://'user':'password'@'serverIP':21/'timebakup.cfg".
It appears that:
1. A local IP address must be assigned to VPN Interface for the backup via CLI to work.
2. CLI does not work with read-only accounts and requires an admin account.
Both these requirements create issues, so the question is can the configuration be backed up via CLI using read-only account, and what other options besides assigning local IP address to VPN Interface can be used to allow FTP traffic to different subnet?