acomiskey Tue, 08/21/2007 - 04:52

I can't see your visio right now but I assume it is something like this

pix1 -> vpn tunnel -> pix2 -> inside -> syslog server

and you want to syslog from pix1 to the syslog server?

This is possible and you must...

1. Add the outside interface address to the interesting traffic crypto acl's on both pixes.

pix1

outside interface = 1.1.1.1

syslog server = 192.168.1.1

access-list crypto permit ip host 1.1.1.1 host 192.168.1.1

pix2

access-list crypto permit ip host 192.168.1.1 host 1.1.1.1

2. Add the logging statement to pix1

logging host outside 192.168.1.1

Hope this helps, please rate helpful posts.

Actions

This Discussion