Syslog and ASA5500 series

Unanswered Question
Oct 30th, 2008
User Badges:

I am trying to send messages to a central syslog server via a VPN tunnel. I can't ping the Syslog server from the ASA and no messages are sent.

I believe I may need to do something to allow traffic generated on the ASA to make use of the tunnel. I'm sure i've done this with routers in the past.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
colonha27 Thu, 10/30/2008 - 08:26
User Badges:

Good morning:

You have to able the 514 udp traffic, from your network to destination network where is the syslog server. To make ping you have to able this protocol (icmp: echo, echo-reply.)

In the vpn tunnel need to estabilish the syslog traffic, how interesting traffic.



rasoftware Thu, 10/30/2008 - 08:28
User Badges:

Yes I have UDP enabled on the server and have configured the ASA. What doesn't seem to happen is the traffic generated from the ASA won't use the tunnel to send the messages to the server.

colonha27 Thu, 10/30/2008 - 08:42
User Badges:

You defined the Cisco ASA IP in the interesting traffic?

rasoftware Thu, 10/30/2008 - 09:25
User Badges:

Hi thanks, set interesting traffic from asa to host and can PING ok if I select "inside" as source.

Still no syslog traffic though.

switchtower Mon, 02/16/2009 - 07:11
User Badges:

I'm actually having the same issue, but from a 2651 to a syslog server behind an ASA 5505.

I can connect to servers on either side and ping them without a problem, but when I attempt to connect from the router to the syslog server, even ping it, I get no response.

I'm responding to this thread because it appeared to not be resolved.


This Discussion