Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1468
Views
10
Helpful
5
Replies

Cisco ASA 5525 ruleset

Go to solution
kalen4101
Level 1
Level 1

‎10-01-2020 04:44 AM

 Good morning/afternoon/evening depending on where in the world you call home.

 

 Hoping this is an easy one for you all. My boss has asked me for a copy of the rule-set from our firewall. I did the copy start tftp command and have the start-up config but how do you get a copy of the current rule set?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎10-01-2020 04:53 AM

@kalen4101 

I assume you are running ASA code and not FTD? The output of that command will copy the entire configuration of the ASA, if you want just the rule set from the ACLs, search the output and extract all the lines starting "access-list ...." - that is you ruleset.

 

HTH

View solution in original post

5 Replies 5

Go to solution
Rob Ingram
VIP
VIP

‎10-01-2020 04:53 AM

@kalen4101 

I assume you are running ASA code and not FTD? The output of that command will copy the entire configuration of the ASA, if you want just the rule set from the ACLs, search the output and extract all the lines starting "access-list ...." - that is you ruleset.

 

HTH

Go to solution
kalen4101
Level 1
Level 1
In response to Rob Ingram

‎10-01-2020 04:58 AM

 Thanks. And if we are using FTD?

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to kalen4101

‎10-01-2020 05:50 AM

What version of FTD are you running? Are you using FDM or FMC to manage the device?

 

I believe the only way to export the configuration from FTD v6.5 is using API. You could use the similar method as the ASA (as above) however that will not provide full visiblity of the configuration. Alternatively for the FTD, it might be easier just to provide screenshots.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to kalen4101

‎10-02-2020 06:19 AM

In FTD you can use "show access-control-config" from the cli. That will capture a lot of the bits that aren't shown in a simple "show running-config".

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎10-01-2020 05:01 AM

easy way is extract config in to your desktop and  add  to excel and look.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card