Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8317
Views
0
Helpful
1
Replies

Best way to Parse/analyze ASA configs?

redwarrior
Level 1
Level 1

‎05-12-2017 07:54 AM - edited ‎03-12-2019 02:21 AM

Good Morning!


I currently manage several ASA firewalls (5585's, 5550's, and a few others) and I'd like to find a better way to parse through configs, particularly for audit purposes.  I'll often receive a list of subnets that a customer wants all kinds of information on (which subnets are allowed for PAT/NAT and what firewall rules apply to those subnets, etc).  It's always tedious and time-consuming and I'm wondering if there is a tool that could simplify this.  I'm not a script wizard myself and would prefer not to have to learn to be one just to get this done, but if that's the only way, I'm willing to crack some books.

Bonus points if the tool doesn't require me to write a SQL query or use regular expressions and even more bonus points if the tool could also have some intelligence like being able to point out ACL overlap or other issues.

Thank you in advance!

Karen

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Ashish Jhaldiyal
Level 1
Level 1

‎05-12-2017 11:24 AM

You can look at Cisco CLI Analyzer below is the download link, CLI analyzer can analyze running configuration of firewall, Also search objects in use etc.

http://www.cisco.com/c/en/us/support/web/tools-catalog.html

Regards

Ashish

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card