10-01-2020 04:44 AM
Good morning/afternoon/evening depending on where in the world you call home.
Hoping this is an easy one for you all. My boss has asked me for a copy of the rule-set from our firewall. I did the copy start tftp command and have the start-up config but how do you get a copy of the current rule set?
10-01-2020 04:53 AM
I assume you are running ASA code and not FTD? The output of that command will copy the entire configuration of the ASA, if you want just the rule set from the ACLs, search the output and extract all the lines starting "access-list ...." - that is your ruleset.
HTH
10-01-2020 04:58 AM
Thanks. And if we are using FTD?
10-01-2020 05:50 AM
What version of FTD are you running? Are you using FDM or FMC to manage the device?
I believe the only way to export the configuration from FTD v6.5 is using the API. You could use a similar method to the ASA (as above), however that will not provide full visibility of the configuration. Alternatively for the FTD, it might be easier just to provide screenshots.
10-02-2020 06:19 AM
In FTD you can use "show access-control-config" from the cli. That will capture a lot of the bits that aren't shown in a simple "show running-config".
10-01-2020 05:01 AM
Easy way is to extract the config to your desktop, add it to Excel and look.
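The two ASA suggestions above (pull the "access-list" lines out of the saved configuration, then review them in a spreadsheet) can be combined in a short script. This is an added example, not part of the original thread; the sample configuration, ACL names and addresses are constructed, and the function names are hypothetical.

```python
import csv
import io

# Constructed sample of a saved ASA configuration (not from the original thread).
SAMPLE_CONFIG = """\
hostname fw01
interface GigabitEthernet0/0
 nameif outside
access-list OUTSIDE_IN remark Allow HTTPS to web server
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq https
access-list OUTSIDE_IN extended deny ip any any log
access-list SPLIT_TUNNEL standard permit 10.10.0.0 255.255.0.0
access-group OUTSIDE_IN in interface outside
"""

ACL_TYPES = {"extended", "standard", "webtype", "ethertype"}


def extract_rules(config_text):
    """Return one dict per 'access-list' line, in configuration order."""
    rules = []
    for raw in config_text.splitlines():
        tokens = raw.split()
        # Top-level 'access-list' lines only: skips 'access-group' and indented sub-commands.
        if len(tokens) < 3 or tokens[0] != "access-list" or raw[0].isspace():
            continue
        name, kind = tokens[1], tokens[2]
        if kind == "remark":
            row = {"acl": name, "type": "remark", "action": "", "rule": " ".join(tokens[3:])}
        elif kind in ACL_TYPES and len(tokens) > 3:
            row = {"acl": name, "type": kind, "action": tokens[3], "rule": " ".join(tokens[4:])}
        else:
            # Unrecognised form: keep the line rather than silently drop it.
            row = {"acl": name, "type": "", "action": kind, "rule": " ".join(tokens[3:])}
        rules.append(row)
    return rules


def rules_to_csv(rules):
    """Render the rules as CSV text that a spreadsheet can open."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=["acl", "type", "action", "rule"])
    writer.writeheader()
    writer.writerows(rules)
    return out.getvalue()


if __name__ == "__main__":
    print(rules_to_csv(extract_rules(SAMPLE_CONFIG)))
```

Rule order is preserved because ASA evaluates ACL entries top-down, so the CSV rows for each ACL name read in the same order the firewall applies them.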