01-22-2016 05:47 PM - edited 03-08-2019 03:30 AM
I am working as a contractor in a new environment that includes over 100 ASAs (including the various security contexts), and I need to be able to ascertain the next hop for each of the interfaces on each of the devices.
Are there any tools, or are there ASA commands which would easily provide me that information?
I've asked this before in a different forum, but wasn't provided with a solution.
Is the ARP table my best bet? When I look there within a specific context, I see a few different entries but don't know how to determine which is the correct next hop. Also, I'm guessing that ASAs can't use CDP. But the firewall is configured with OSPF -- does that help my cause?
I'm not a complete newbie, but I'm also not years into these devices. Any help would be very gratefully acknowledged.
Cheers!
jeremyNLSO
P.S. I posted here because it basically applies to any interface. If it's the wrong place to post, I'll be happy to move it...
01-27-2016 06:06 PM
Thanks a ton for your reply, Khalid. The only problem is that I don't see this reverse path command in my command set. Could that be due to the fact that it's an ASA instead of a router. Note that the ASA OS is 9.1(1), so it's pretty recent.
I sure wish someone knew a pretty simple means of getting this info.
jeremyNLSO
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide