Hello,

I am in a very tricky situation at the moment and unfortunately Cisco don't really provide sufficient help for what i'd like to call an established Firewall.
There are two ways to configure the ASAs first being through the ASDM or second CLI.

The ASDM is good for using a GUI to modify objects on the Firewall, Rename and Delete etc but it takes incredibly long and when you're modifying thousands of objects within specific change windows its impossible to do in a short amount of time.

I have thought of a way to do it via the CLI however that requires the use of VB if done in Excel however I haven no experience of using it.

If anyone can look at the below scenario and either help with the VB part or at least point me in the right direction where I can begin to learn to achieve this myself that would be just as useful.

On the Cisco ASA we have whats called Objects and Objects groups.
Objects are host devices and object groups are a grouping of hosts.


Each host can be added to an object group which looks something like this in the configuration

object-group network "object group name"
network-object object "object name"

Each object is created with an IP Address so I have a list of all the objects on the Firewall, there are thousands of them.
The problem I have is that there are thousands of duplicates as well, same IP address but different name

there are objects called
abc 10.0.0.1
abd 10.0.0.1

Some of these objects were created and added to a single object-group and then again and again and now we're sitting with hundreds of duplicate objects (different names but same IP address)

I want to find a way to list all the objects in Column A with their name and B with their IP address
Column C I want all the object-groups listed as the above.

I then want to find a way to locate the duplicate IP addresses and their corresponding names in Column A to get the two different names.
Then find those objects in Column C as a "network-object" in the object group.

Once I know which objects are in which object group I want to add a single object either the first value or a duplicate value into the object group in a new column

For example Column D
object-group network "Same name as object group that already exists"
network-object object "name of either of the current existing devices"

The idea behind this is to take a single object that is duplicated and add it to every missing object group where it's duplicates are present and it is not.

Next I would then like to remove the duplicates that are not being replicated across groups from the groups they are in which has the following command

object-group network "object group name"
no network-object object "name of duplicate"

I know this is a lot and if anyone can point me in the direction to start learning I can try creating something myself but honestly I have no idea where to start