Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

asa not sending to syslog

Status
Not open for further replies.
Sep 29, 2008
105
0
0
CA
hi i have the below settings but asa is not sending to the syslog server. It used to but there has not been any changes and it has stopped all of sudden. do you know what the issue could be ? thanks.

logging enable
logging timestamp
logging monitor debugging
logging trap informational
logging asdm informational
logging facility 17
logging host inside 192.168.1.10

I have an ips that is behind this firewall.
 
Hi,

Everything looks fine for the config. Has anything been added or changed between the firewall and the syslog server? Routing, IPS blocking, ACL on syslog server, etc.
 
hi there is an ips behind the firewall but the ips does not show any blocks :(
 
Unless the IPS has just been installed and not configured correctly you should have no issues with it. You could add an event filter (Cisco) to allow syslogs through to the syslog server to verify but it might be something else.

You could do a simple ACL log on the closest L3 device to the syslog server or a wireshark capture to see if the firewall is sending packets that far.

Do you control everything - firewall, network, syslog server, or are there other people involved? I once had my server admin update our syslog server and forget to allow a few IP's through the server's internal firewall. I had asked him if there had been any recent changes on the server to which he responded "No", only to find out that he thought of "recent" to mean the last 4-5 days and he had done the update a few weeks before.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top