Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2835
Views
0
Helpful
4
Replies

Exporting Object Service and Network Groups

pdickerson
Level 1
Level 1

‎10-20-2014 03:49 AM - edited ‎03-11-2019 09:57 PM

Dear TAC,

Please see summary for version information. We are requesting on how to export Object Service Group and Object Network Group from ASA. We will then clean-up these files/databases and then load them onto a FWSM1.

Thank you in advance,

Phil

Labels:
0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-20-2014 05:51 AM

This is not the TAC - you have posted on the Cisco Support Community (CSC). CSC is supported by a worldwide group of people (mostly non-Cisco) who come to ask questions and share knowledge on a volunteer basis. The TAC (Technical Assistance Center) is part of a paid service that you access by opening a case (assuming you have an active support contract).

That said, migrating to FWSM from ASA is not too awfully hard - they syntax is very similar. Cleanup of your objects can be done using tools such as Cisco Security Manager (CSM) or Solarwinds Firewall Security Manager (FSM). You can also do it "by hand" but if you have a large number of groups that can be very challenging.

0 Helpful

pdickerson
Level 1
Level 1
In response to Marvin Rhoads

‎10-20-2014 06:30 AM

Thank you for your respond about not being TAC, this was my mistake. While I have this thread going, how can I export these group files from the ASA? We do have CSM to use for clean-up. Can we also use CSM to configure additional interfaces/contexts for the migration? We have a large number of groups that we are splitting the clean-up/migration between three to four individuals on a team.

 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to pdickerson

‎10-20-2014 12:38 PM

There is actually a very nice cleanup tool available at http://www.tunnelsup.com/config-cleanup/. You can paste your configuration in there and it will give you a listing of the unused groups and access-lists along with the commands needed to remove them.

0 Helpful

pdickerson
Level 1
Level 1

‎10-22-2014 07:45 AM

 

In doing some research on this, I figured out the following steps to export Networks/Hosts and Services Groups in Cisco Security Manager (CSM).

1.  Select Manage from the CSM tools bar

2.  Select "Policy Objects..." from the drop down box

3.  Select Networks/Hosts from the side bar of Policy Object Manager

4.  Select either "Networks/Hosts" or "Services"

5.  Hoover mouse pointer over the "Content" column. Right-click to see drop down box.

6.  Select "Show Details". If drop down has "Show Summary", then make no selection.

7.  Select "Export..." icon

8.  Save .csv export file to desire location

There is a Perl command in CSM that can be use to export the same data as referenced in Managing Policy Objects chapter of the User Guide for Cisco Security Manager 4.1. 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card