Removing multiple configuration entries from a Cisco ASA
Hi,
I have 50,000 lines of configuration that needs removing from a live ASA5505.
The lines are objects and look like this...
object network India1
subnet 1.6.0.0 255.254.0.0
object network India2
subnet 1.22.0.0 255.254.0.0
object network India3
subnet 1.38.0.0 255.254.0.0
object network India4
subnet 1.186.0.0 255.255.0.0
object network India5
subnet 1.187.0.0 255.255.0.0
object network India6
subnet 14.96.0.0 255.252.0.0
object network India7
subnet 14.102.0.0 255.255.128.0
...etc.
Obviously I could enter in command line each line...
no object network India1
no object network India2
no object network India3
... but that is quite long winded.
If I copy from a TFTP server to the startup-config and then to the running-config I think the config will merge meaning the entries will still exist.
There must be a simple and quick way of doing this. Any ideas?
Thanks
I have 50,000 lines of configuration that needs removing from a live ASA5505.
The lines are objects and look like this...
object network India1
subnet 1.6.0.0 255.254.0.0
object network India2
subnet 1.22.0.0 255.254.0.0
object network India3
subnet 1.38.0.0 255.254.0.0
object network India4
subnet 1.186.0.0 255.255.0.0
object network India5
subnet 1.187.0.0 255.255.0.0
object network India6
subnet 14.96.0.0 255.252.0.0
object network India7
subnet 14.102.0.0 255.255.128.0
...etc.
Obviously I could enter in command line each line...
no object network India1
no object network India2
no object network India3
... but that is quite long winded.
If I copy from a TFTP server to the startup-config and then to the running-config I think the config will merge meaning the entries will still exist.
There must be a simple and quick way of doing this. Any ideas?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I just checked on my asa and you are correct it does not work. are you using ASDM? with that you can just right click on objects and delerte. i realize that command line is best, but the GUI ccan come in handy every once in a while.
Hi,
Copy the lines into notepad and use find and replace. Find the word object and replace it with no object. When you're happy that its correct, copy and paste it back to the asa.
Copy the lines into notepad and use find and replace. Find the word object and replace it with no object. When you're happy that its correct, copy and paste it back to the asa.
ASKER
Hi,
The 'excel' method and 'notepad find and replace' method are the usual techniques I would use. However, this is 50,000 lines of config. I am not comfortable pasting in such large amounts from the clipboard via ssh. This has been known to miss bits out and still need entering in smaller chunks.
There must be a way to copy the config over to the running-config without merging or restarting.
It's a shame config replace is reported as not working.
None of the above ideas are accepted as solutions yet, so further ideas are welcome.
Thanks
The 'excel' method and 'notepad find and replace' method are the usual techniques I would use. However, this is 50,000 lines of config. I am not comfortable pasting in such large amounts from the clipboard via ssh. This has been known to miss bits out and still need entering in smaller chunks.
There must be a way to copy the config over to the running-config without merging or restarting.
It's a shame config replace is reported as not working.
None of the above ideas are accepted as solutions yet, so further ideas are welcome.
Thanks
SWCG,
Do you have a config that has all the items removed?
can you afford downtime? if so shut down the appliance, remove the CF card place in to a reader on your PC/MAC, rename the config to config.old place the new config into the CF start the ASA back up. it should take the config and you are good to go, if not you can replace the config
Do you have a config that has all the items removed?
can you afford downtime? if so shut down the appliance, remove the CF card place in to a reader on your PC/MAC, rename the config to config.old place the new config into the CF start the ASA back up. it should take the config and you are good to go, if not you can replace the config
ASKER
To clarify...
I can not have downtime
I won't use copy and paste in CLI
I won't individually remove each object in ASDM
I can mass change the config in anyway using excel
I need to find a way to remove these lines of config abiding to the above constraints.
There must be a way to do this...
I can not have downtime
I won't use copy and paste in CLI
I won't individually remove each object in ASDM
I can mass change the config in anyway using excel
I need to find a way to remove these lines of config abiding to the above constraints.
There must be a way to do this...
ASKER
This is the solution I used. It was the best method suggested. Although, it was not quite what I was looking for as it took a good 45 minutes to implement. Thanks for your help.
try this instead:
configure replace nvram:startup-config
Router# configure replace nvram:startup-config
This will apply all necessary additions and deletions
to replace the current running configuration with the
contents of the specified configuration file, which is
assumed to be a complete configuration, not a partial
configuration. Enter Y if you are sure you want to proceed. ? [no]: y
Links:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtrollbk.html
https://supportforums.cisco.com/docs/DOC-5820
good luck,
-=Richard