Welcome, Guest. Please login or register.

Author Topic: ASA 5520 security context def file  (Read 1796 times)

dino

  • Guest
ASA 5520 security context def file
« on: April 24, 2014, 01:20:21 PM »
Hello happy network community,
Nedi still rocks !
Cisco ASA devices have a lot of sysObjectID.
Full list here :
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/monitor_snmp.html
I have generated def file for Cisco ASA 5520 security context, see attached.

When you connect to this IP, you are on a "virtual" firewall.
This Cisco feature is called "mutliple context".
This is used for transparent filtering (firewall does no routing, only filtering).
The matter for this kind of device is that when you login, you are connected to the virtual context, you can only display the configuration of current context.

By the way "more" command does not work in Cisco ASA context mode.
I had to replace it by classical "show run" in libcli.pl

$cmd{'IOS-fw'}{'conf'} = 'show run';
#$cmd{'IOS-fw'}{'conf'} = 'more system:running-config';

Ciao

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2777
    • View Profile
    • NeDi
Re: ASA 5520 security context def file
« Reply #1 on: April 25, 2014, 02:08:18 PM »
Cool, tx! Could you check whether any of the other IOS matches exactly?
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo