archive

log config

logging enable

logging size 200

notify syslog

hidekeys

fw#show archive log config all

idx sess user@line Logged command

1 1 console@console | logging enable

2 1 console@console | logging size 200

3 1 console@console | notify syslog

4 2 console@console |archive

5 2 console@console | log config

6 2 console@console | hidekeys

fw#conf t

Enter configuration commands, one per line. End with CNTL/Z.

fw(config)#user x password y

01:43:06: %PARSER-5-

CFGLOG_LOGGEDCMD: User:console logged command:username x password *****

01:43:06: %PARSER-5-

CFGLOG_LOGGEDCMD: User:console logged command:!config: USER TABLE MODIFIED

fw#copy system:running-config tftp://10.0.0.2/fw-test

!!

2009 bytes copied in 0.592 secs (3394 bytes/sec)

fw#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

fw(config)#no access-list 100

fw(config)#access-list 120 permit ip any any

fw(config)#^Z

fw#show archive config differences tftp://10.0.0.2/fw-test system:running-

config

Loading fw-test from 10.0.0.2 (via FastEthernet0/0): !

[OK - 2087 bytes]

Contextual Config Diffs:

+access-list 120 permit ip any any

-access-list 100 permit tcp any any eq www

-access-list 100 permit tcp any any eq telnet

-access-list 100 permit tcp any any eq smtp

fw#show archive config differences nvram:startup-config system:running-

config

Contextual Config Diffs:

interface Loopback0

+description New loopback interface

+ip address 10.1.0.3 255.255.255.255

interface Loopback0

-ip address 10.1.0.1 255.255.255.255

fw#show archive config differences nvram:startup-config system:running-

config

Contextual Config Diffs:

-router ospf 101

-log-adjacency-changes

-network 10.1.0.0 0.0.1.255 area 2

-network 0.0.0.0 255.255.255.255 area 0

fw#whatsnew

Contextual Config Diffs:

+access-list 101 deny tcp host 10.0.0.2 host 192.168.0.2 eq www

+access-list 101 permit icmp any any echo

-access-list 101 permit icmp any any

fw#whatsnew

Contextual Config Diffs:

ip access-list extended Test

+deny tcp host 10.0.0.3 host 192.168.0.2 eq www

+permit tcp any any eq ftp

+permit icmp any any echo

+deny icmp any any

ip access-list extended Test

-deny tcp host 10.0.0.2 host 192.168.0.2 eq www

-permit icmp any any

fw#whatsnew

Contextual Config Diffs:

ip access-list extended Test

+deny tcp host 10.0.0.3 host 192.168.0.2 eq www

+permit tcp any any eq www

!

!The following order-dependent line(s) were re-ordered

!ip access-list extended Test

! permit tcp any any eq ftp

fw#whatsnew

Contextual Config Diffs:

+class-map match-all ServerMail

+match protocol smtp

+match access-group 101

+class-map match-all ServerWeb

+match protocol http

+match access-group 101

policy-map WAN

+class ServerMail

+priority 64

+class ServerWeb

+bandwidth percent 30

+set precedence 3

+access-list 101 permit ip host 10.0.0.2 host 192.168.0.2

+access-list 101 permit ip host 192.168.0.2 host 10.0.0.2

fw#whatsnew

Contextual Config Diffs:

!No changes were found