acomiskey Tue, 08/21/2007 - 04:52
User Badges:
  • Green, 3000 points or more

I can't see your visio right now but I assume it is something like this


pix1 -> vpn tunnel -> pix2 -> inside -> syslog server


and you want to syslog from pix1 to the syslog server?


This is possible and you must...


1. Add the outside interface address to the interesting traffic crypto acl's on both pixes.


pix1

outside interface = 1.1.1.1

syslog server = 192.168.1.1


access-list crypto permit ip host 1.1.1.1 host 192.168.1.1


pix2

access-list crypto permit ip host 192.168.1.1 host 1.1.1.1


2. Add the logging statement to pix1


logging host outside 192.168.1.1


Hope this helps, please rate helpful posts.

Actions

This Discussion