Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1692
Views
0
Helpful
2
Replies

Cisco ASA 5500

c1sco
Level 1
Level 1

‎06-30-2020 07:51 AM

I need to identify when access rules & NATs are created in ASA 5500, this is required for audit in my company btw.

The question is:

Is it possible to know when an access rule / NAT rule is created in ASA 5500 ??

 

I haven't found any commands/solution for this... still trying to figure it out and searching through guides and such.

 

Thanks

0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎06-30-2020 08:52 AM

No not possible by default with ASA, until you have some orchestrator like Tuffin available in network to tell you when was the added  or if you have Change process in place, for changing the ACL  in ASA will give track record.

 

if both not in place, i am afraid you going to get any further information as per i know.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

cmarva
Level 4
Level 4

‎06-30-2020 09:30 AM

if you have an NMS that you send traps to, you can try:

snmp-server enable traps entity config-change

 

that would at least let you know that something has been changed.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card