06-30-2020 07:51 AM
I need to identify when access rules & NATs are created in ASA 5500; this is required for an audit in my company, btw.
The question is:
Is it possible to know when an access rule / NAT rule is created in ASA 5500?
I haven't found any commands/solution for this... still trying to figure it out and searching through guides and such.
Thanks
06-30-2020 08:52 AM
No, this is not possible by default with ASA, unless you have some orchestrator like Tufin available in the network to tell you when the rule was added, or you have a change process in place for changing the ACL in ASA, which will give a track record.
If neither is in place, I am afraid you are not going to get any further information, as far as I know.
06-30-2020 09:30 AM
If you have an NMS that you send traps to, you can try:
snmp-server enable traps entity config-change
That would at least let you know that something has been changed.