Comparing ASA configs

c_hullah1 · ‎07-05-2012

Hi All,

I am in the process of re-writing the configuration for an ASA using service groups and a new naming convention. Before implementing the new ACL I would like to ensure that it matches all the rules in the current ACL. Is anyone aware of software which can take two config files and compare them to ensure that they both match up and show any differences in ports allowed and/or IP addresses allowed.

Thanks

Chris

Sent from Cisco Technical Support iPad App

gouravbathla · ‎07-06-2012

You ca use google docs to compare two configuration.

nkarthikeyan · ‎07-06-2012

You can use compare it software which is a freeware of trial version.... which is a very good comparision tool..... it will show a different color codes if there is any difference.... else it will on the same color code....

https://compare-it.software.informer.com/download/

which is 2 mb in size

jwbensley · ‎07-09-2012

Diff is my favourite by a long way

http://en.wikipedia.org/wiki/Diff

schmidtiii_novice · ‎07-10-2012

Hi,

if you use windows as your OS my favorites are the TotalCommander with the "compare by content" function or better

the small graphical open source tool Winmerge (http://winmerge.org/about/screenshots/?lang=en).

manish arora · ‎07-10-2012

Notepad ++, open both file & check line by line using your eyes & brain ;-).

http://notepad-plus-plus.org/download/v6.1.5.html

Manish

c_hullah1 · ‎02-15-2013

Guys,

I found some software which does the job perfectly and would highly recommend!

I performed a full rewrite on one of our complex firewalls using service object groups and a new naming convention to make the rules easier to read but I wanted the services passing through the firewall to remain the same. The following software allowed me to compare two configurations and highlight any problems.

AthenaFirePAC Client

Thanks
Chris

jocamare · ‎02-18-2013

ALT+D using Notepad++