12-13-2016 02:51 AM
Hello All,
I was just wondering: is there something like an ASA config checker tool?
I've managed, as an ASA noob, to configure a working setup on my ASA via the CLI, but I'd like to know if I can streamline the config.
For instance, I've checked the NAT rules to see if all were used and I didn't create NAT rules that were unneccessary, but I'd like to know if I didn't create any performance-sapping 'loops' in the NAT rules or access lists. Same for other settings that I created.
Does a tool like that exist?
Regards,
Rene.
Solved! Go to Solution.
12-13-2016 04:29 AM
You could use Cisco CLI Analyzer to check your asa configuration. It will highlight well known issues and tac best pracices. You may download the tool here.
12-13-2016 04:29 AM
You could use Cisco CLI Analyzer to check your asa configuration. It will highlight well known issues and tac best pracices. You may download the tool here.
12-13-2016 04:50 AM
Kaisero,
thanks for that info!
Unfortunately my account doesn't provide enough access to actually use the tool, but it is pretty much what I was looking for :)
Rene.
12-13-2016 05:33 AM
Do you have a service contract associated with your account? - If that´s the case, you should be able to download it.
12-19-2016 04:51 AM
Kaisero,
I have the tool downloaded and tried to use it, but when I feed it the ASA's config it says that I'm not eligible for that service. Apparently it contacts Cisco for analysis, and sees that I don't have a service contract. Oh well, can't help that, I'm not going to arrange for a contract just for this ;)
*fixed a typo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide