Syslog from a PIX firewall terminating a VPN


I know many of you probably already know this, but the issue has been posted before and the response has been to use Kiwi Syslog Tunnel to bounce the traffic back. That's the system I've been using for months now at remote sites. It doesn't need to be done; I found this last night and tested it successfully on multiple boxes this morning. If, like me, you hadn't a clue about this little command, it's a lifesaver. To the rest of you laughing...well...er....anyway:

On the remote PIX, issue the following from CONFIG mode:

MANAGEMENT-ACCESS INSIDE
LOGGING HOST INSIDE (Firewall Analyzer IP) UDP/1514

(and of course NO LOGGING... for the existing Kiwi Tunnel server if you have one set).

If that logging command looks odd, it is. Since in this situation your FW server is on the other end of a VPN tunnel, and therefore on the outside (or similar) interface, you'd think you'd have to specify outside for the host...no...whatever way this process works, you have to set the HOST to INSIDE regardless of its actual location.

Anyway maybe this will help someone else...
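
To confirm on the collector side that the change in the post above took effect, a small receiver check can help. This is an added example, not part of the original post or of Firewall Analyzer: it listens on UDP/1514, parses the `%PIX-severity-id` tag, and flags datagrams whose source is not the PIX's inside address. It assumes the PIX sources these messages from its inside interface; the addresses and the sample message are constructed placeholders.

```python
import re
import socket

# Optional <PRI>, optional timestamp/hostname, then %PIX-<severity>-<6-digit id>: <text>
PIX_RE = re.compile(r"^(?:<(\d{1,3})>)?.*?%PIX-([0-7])-(\d{6}): (.*)$", re.S)

def parse_pix(datagram: bytes):
    """Return the parsed fields of a PIX syslog datagram, or None if it is not one."""
    text = datagram.decode("ascii", errors="replace").strip()
    m = PIX_RE.match(text)
    if not m:
        return None
    pri = int(m.group(1)) if m.group(1) else None
    return {
        "facility": pri >> 3 if pri is not None else None,  # PRI = facility*8 + severity
        "severity": int(m.group(2)),
        "msg_id": m.group(3),
        "text": m.group(4),
    }

def check(datagram: bytes, src_ip: str, expected_inside_ip: str):
    """Classify one datagram: 'ok', 'unexpected-source' or 'not-pix'."""
    rec = parse_pix(datagram)
    if rec is None:
        return "not-pix", None
    if src_ip != expected_inside_ip:
        # Arriving from another address suggests the log did not take the tunnel path.
        return "unexpected-source", rec
    return "ok", rec

def listen(expected_inside_ip: str, bind: str = "0.0.0.0", port: int = 1514):
    """Print a verdict for every datagram received on the syslog port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind, port))
    while True:
        data, (src, _) = sock.recvfrom(4096)
        status, rec = check(data, src, expected_inside_ip)
        print(status, src, rec)

# Constructed sample datagram (not captured from a real device).
SAMPLE = (b"<166>%PIX-6-302013: Built outbound TCP connection 1 for "
          b"outside:192.0.2.10/80 (192.0.2.10/80) to inside:10.20.0.5/1025 (10.20.0.5/1025)")

if __name__ == "__main__":
    listen("10.20.0.1")  # placeholder: the remote PIX's inside interface address
```

Stop any other service bound to UDP/1514 on the same host before running the listener.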









