11-05-2008 03:43 AM - edited 03-09-2019 09:46 PM
On an ASA5580 using 8.0(4). I want to make sure that each context is able to generate syslogs and traps sent over the management interface. I know that 'logging device-id context-name' will label the log messages with the context name but is it necessary to allocate the management interface to each context?
11-05-2008 06:05 AM
Each context has its own IP connectivity except the system context. The system context borrows the IP connectivity from the admin context. Logging in independent in each context.
Regards
Farrukh
11-05-2008 07:22 AM
So you mean yes, it is necessary to allocate the management interface to the contexts other than the system context?
11-06-2008 01:58 AM
What I mean is that each context is a separate firewall and it has its own logging buffer. If you want to log all you have to configure logging on each context. You can use any interface to send out this logging information based on your routing, using the mangement interface is not necessary but better for security (separate out of management zone). This is specially true for syslog as its clear text. Newer ASA code supports secure logging as well.
Regards
Farrukh
11-05-2008 08:15 AM
So you mean yes, it is necessary to allocate the management interface to the contexts other than the system context?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: