How to Check CDP Neighbors on Cisco ASA
Introduction
As networks grow increasingly complex, understanding your network topology is crucial for effective security management and troubleshooting. Cisco Discovery Protocol (CDP) is a powerful tool for mapping your network infrastructure, but many administrators struggle with properly implementing it on Cisco ASA firewalls.
This guide will show you exactly how to check CDP neighbors on your Cisco ASA, helping you maintain better network visibility and security posture.
Who This Guide Is For
- Network administrators managing Cisco ASA firewalls
- Security engineers responsible for network topology
- IT professionals looking to improve their network visibility
What You’ll Learn
- How to enable and configure CDP
- Methods to verify CDP neighbors
- Troubleshooting common CDP issues
- Best practices for CDP implementation
Understanding CDP Basics
CDP (Cisco Discovery Protocol) is a Layer 2 protocol that helps discover Cisco devices in your network. Before diving into the commands, let’s understand how CDP works on ASA:
💡 Pro Tip: CDP is disabled by default on ASA interfaces for security reasons. You’ll need to explicitly enable it where needed.
Key CDP Concepts
- Runs on Layer 2
- Sends updates every 60 seconds by default
- Only works between Cisco devices
- Provides detailed neighbor information including:
- Device IDs
- Platform details
- Interface information
- IP addresses
Step-by-Step CDP Configuration
1. Checking CDP Status
ciscoasa# show cdp
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
CDP version being sent: 2
CDP advertisements version 2 supported
2. Enabling CDP Globally
ciscoasa# configure terminal
ciscoasa(config)# cdp run
3. Enabling CDP on Specific Interfaces
ciscoasa(config)# interface GigabitEthernet0/1
ciscoasa(config-if)# cdp enable
4. Verifying CDP Neighbors
ciscoasa# show cdp neighbors
Device ID Local Interface Holdtime Capability Platform Port ID
SWITCH01 Gig0/1 179 R S I WS-C3750 Gig1/0/1
ROUTER02 Gig0/2 177 R ISR4321 Gig0/0/1