Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Tracking ACL Changes - Using access-list remarks

Hi,

Does any have a way to compare current running ACLs against a previously saved copy of the config? Quarterly we need to review the security and it would be nice to run a quick compare to evaluate what has changed since the last quarter and make sure these changes are reflected in our change log as outlined by our corporate security policy.

I'm considering adding access-list remarks to my config to help document it better. I've heard this could clutter the config but using a "show run |exclude remarks" could help when troublshooting.

Does anyone have any thoughts?

Thanks

Glen

2 REPLIES
Bronze

Re: Tracking ACL Changes - Using access-list remarks

you can use command "show run | include access-list" and save this copy in a text file. In the next quarter you cna again get the output using same command, copy it and save in a different file then compare both files using a variey of free tools availbale on internet for this

Re: Tracking ACL Changes - Using access-list remarks

Do a "copy running-config tftp" and compare the transfered file with your prior configuration file, with an application such as the one found at:

http://www.scootersoftware.com/moreinfo.php

The "Beyond Compare" application allows you to view differences between files rapidly.

Has a ton of other features as well.

284
Views
0
Helpful
2
Replies
CreatePlease to create content