Submit a ticketCall us

Training Class Getting Started with SolarWinds Backup - February 28

This course offers customers an introduction to SolarWinds Backup, focusing on configuring the backup technology, taking backups, data restoration and data security. It is a great primer and will get you up to speed quickly on SolarWinds Backup.
Register for class.

Home > Success Center > Network Configuration Manager (NCM) > NCM 7.7 Administrator Guide > Cisco ASA ACL rules > Manage Cisco ASA ACLs

Manage Cisco ASA ACLs

Created by Melanie Boyd, last modified by Melanie Boyd on Sep 26, 2017

Views: 365 Votes: 0 Revisions: 1

Use SolarWinds NCM to help you manage the access control lists (ACLs) for your Cisco ASA devices:

Display the ACLs on a Cisco ASA firewall

  1. Choose My Dashboards > Configuration Management.
  2. Double-click the name of a Cisco ASA node.

    The Node Details page opens.

  3. From the menu on the left, choose Access Lists.

    The Access Lists page lists the ACLs configured for that node. If the ACL has changed, click the arrow to display a list of previous versions.

    A a warning icon icon_warn.png indicates that the ACL contains overlapping rules. You can display the ACL rules to find out which rules overlap.


Compare ACLs

Use NCM to quickly locate the differences between ACLs or ACL versions. For example, you can compare two versions of the same ACL to verify that changes were implemented correctly. Or you can compare ACLs on different nodes to verify that the same rules are being applied on both devices.

Compare ACLs on the same node

  1. Display the list of ACLs on a Cisco ASA firewall.
  2. Select the ACLs or ACL versions to compare.

    To compare the current version to a previous version, expand the node to list previous versions.

  3. At the top of the page, click Compare ACL.

    The rules from both ACLs are displayed beside each other. The line number of rules with differences are highlighted.

Compare ACLs on different nodes

To compare ACLs on different nodes, first select two ACLs on the same node, and then change one of the ACLs being compared.

  1. Display the list of ACLs on one of the Cisco ASA firewalls.
  2. Select the ACL that you want to compare, and any other ACL on that node.

    You will change the second selection later.

  3. At the top of the page, click Compare ACL.

    The rules from both ACLs are displayed beside each other. The line number of rules with differences are highlighted.

  4. Change the second ACL to an ACL on a different node:
    1. Near the top of the page, click Change ACLs Compared.
    2. Select the node, interface, name, and version of the ACL you want to compare.
    3. Click Change.

Display ACL rules

When you display ACL rules, also known as Access Control Entries (ACEs), SolarWinds NCM identifies overlapping rules, which might require additional investigation.

  1. Display the list of ACLs on a Cisco ASA firewall.
  2. Click an ACL name.

    The rules (or ACEs) are listed on the Rules of This Access List page. The right column shows the number of hits, and a warning icon  indicates that the rule overlaps another rule.

  3. Filter or reorder the rules to help you find information.

    • To filter the rules, select the filter criteria in the left column.

      Click Edit Filter Properties to change the options available for filtering.

    • To order the rules by hit count instead of line number, open the drop-down menu above the rules and choose Hit count.

Investigate overlapping rules

  1. Display ACL rules.

  2. Point to warning icon  that identifies a rule that overlaps another rule.

    A message describes the issue.


  3. Click Show the details.

    A dialog box displays the preceding rule(s) that shadow the rule or make it redundant.

Display information about objects or object groups

  1. Display ACL rules.

  2. If an object or object group is listed as the source or destination of a rule, click the name of an object or object group.

    Information about the current version of the object or object group is shown on the right.

  3. To view information about a previous version of the object or object group, select a version from the drop-down menu.

  4. To compare another version to the currently selected version, click Compare Diff and select the version.


Last modified