Hi,
I have a PIX sending UDP 514 traffic through the external interface of an ISA 2004 SP1 (fully patched, 2 NICs) box to an internal Syslog Deamon.
I have a protocol set up as Syslog, UDP Port 514, Receive Send. I have a Server Publishing rule set up to Allow Traffic, Syslog, from the internal interface of the PIX to the Syslog daemon, Listener - External, Schedule - Always. The rule is listed as number 1 in the order of rules.
When I run monitoring on ISA, I get Origional Client IP - PIX Internal Interface IP, Destination IP address - Syslog Daemon IP, Destination Port - 514, Protocol - Unidentified IP traffic, Action - Denied Connection, Rule - (Blank).
I have other Server publishing rules that work correctly.
Any ideas? Thanks.
I have a PIX sending UDP 514 traffic through the external interface of an ISA 2004 SP1 (fully patched, 2 NICs) box to an internal Syslog Deamon.
I have a protocol set up as Syslog, UDP Port 514, Receive Send. I have a Server Publishing rule set up to Allow Traffic, Syslog, from the internal interface of the PIX to the Syslog daemon, Listener - External, Schedule - Always. The rule is listed as number 1 in the order of rules.
When I run monitoring on ISA, I get Origional Client IP - PIX Internal Interface IP, Destination IP address - Syslog Daemon IP, Destination Port - 514, Protocol - Unidentified IP traffic, Action - Denied Connection, Rule - (Blank).
I have other Server publishing rules that work correctly.
Any ideas? Thanks.