How to Check CDP Neighbors on Cisco ASA

Introduction

As networks grow increasingly complex, understanding your network topology is crucial for effective security management and troubleshooting. Cisco Discovery Protocol (CDP) is a powerful tool for mapping your network infrastructure, but many administrators struggle with properly implementing it on Cisco ASA firewalls.

This guide will show you exactly how to check CDP neighbors on your Cisco ASA, helping you maintain better network visibility and security posture.

Who This Guide Is For

  • Network administrators managing Cisco ASA firewalls
  • Security engineers responsible for network topology
  • IT professionals looking to improve their network visibility

What You’ll Learn

  • How to enable and configure CDP
  • Methods to verify CDP neighbors
  • Troubleshooting common CDP issues
  • Best practices for CDP implementation

Understanding CDP Basics

CDP (Cisco Discovery Protocol) is a Layer 2 protocol that helps discover Cisco devices in your network. Before diving into the commands, let’s understand how CDP works on ASA:

💡 Pro Tip: CDP is disabled by default on ASA interfaces for security reasons. You’ll need to explicitly enable it where needed.

Key CDP Concepts

  • Runs on Layer 2
  • Sends updates every 60 seconds by default
  • Only works between Cisco devices
  • Provides detailed neighbor information, including:
      • Device IDs
      • Platform details
      • Interface information
      • IP addresses

Step-by-Step CDP Configuration

1. Checking CDP Status

ciscoasa# show cdp
Global CDP information:
    Sending CDP packets every 60 seconds
    Sending a holdtime value of 180 seconds
    CDP version being sent: 2
    CDP advertisements version 2 supported

2. Enabling CDP Globally

ciscoasa# configure terminal
ciscoasa(config)# cdp run

3. Enabling CDP on Specific Interfaces

ciscoasa(config)# interface GigabitEthernet0/1
ciscoasa(config-if)# cdp enable

4. Verifying CDP Neighbors

ciscoasa# show cdp neighbors
Device ID        Local Interface   Holdtime  Capability  Platform  Port ID
SWITCH01         Gig0/1           179       R S I       WS-C3750  Gig1/0/1
ROUTER02         Gig0/2           177       R           ISR4321   Gig0/0/1
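
The neighbor table from step 4 can be checked against a known-good inventory so that unexpected, missing or stale neighbors stand out. The script below is an added example, not part of the original guide: the sample rows are constructed in the column layout shown above, and the EXPECTED inventory, the function names and the finding labels are assumptions made for illustration.

```python
import re
from collections import namedtuple

# Constructed sample in the column layout of the "show cdp neighbors" output above.
SAMPLE = """\
ciscoasa# show cdp neighbors
Device ID        Local Interface   Holdtime  Capability  Platform  Port ID
SWITCH01         Gig0/1           179       R S I       WS-C3750  Gig1/0/1
ROUTER02         Gig0/2           95        R           ISR4321   Gig0/0/1
LAB-SW9          Gig0/3           171       S I         WS-C2960  Gig0/24
"""

# Hypothetical inventory: local interface -> (expected device ID, expected remote port).
EXPECTED = {
    "Gig0/1": ("SWITCH01", "Gig1/0/1"),
    "Gig0/2": ("ROUTER02", "Gig0/0/1"),
    "Gig0/4": ("SWITCH05", "Gig1/0/2"),
}

Neighbor = namedtuple("Neighbor", "device_id local_if holdtime capabilities platform port_id")
# Data rows carry a numeric holdtime; capability is one or more single letters.
ROW = re.compile(r"^(\S+)\s+(\S+)\s+(\d+)\s+((?:[A-Za-z] )*[A-Za-z])\s+(\S+)\s+(\S+)\s*$")

def parse_neighbors(text):
    rows = []
    # Prompt and header lines do not match ROW and are skipped.
    for m in filter(None, map(ROW.match, text.splitlines())):
        dev, lif, hold, caps, plat, port = m.groups()
        rows.append(Neighbor(dev, lif, int(hold), tuple(caps.split()), plat, port))
    return rows

def audit(neighbors, expected, holdtime=180, interval=60):
    findings, seen = [], set()
    for n in neighbors:
        seen.add(n.local_if)
        want = expected.get(n.local_if)
        if want is None:
            findings.append(("UNEXPECTED", n.local_if, n.device_id))
        elif (n.device_id, n.port_id) != want:
            findings.append(("MISMATCH", n.local_if, n.device_id))
        # Holdtime resets to 180 on each 60-second advertisement; below 120 means one was missed.
        if n.holdtime < holdtime - interval:
            findings.append(("STALE", n.local_if, n.device_id))
    for lif in sorted(set(expected) - seen):
        findings.append(("MISSING", lif, expected[lif][0]))
    return findings

if __name__ == "__main__":
    print(*audit(parse_neighbors(SAMPLE), EXPECTED), sep="\n")
```

The default holdtime and interval match the 180-second and 60-second values reported by show cdp in step 1; pass different values if the device reports different timers.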
