syslog resumption

Unanswered Question
Nov 19th, 2008

I have a bunch of Cisco ASA unit's all sending tcp based syslog data to a central Kiwi Syslog server. I have the units configured to continue functioning after syslog communications failure.

We have patches applied on a regular basis and when the Syslog server is patched/rebooted, it seems that all my firewalls stop sending syslog data b/c of the server boot.

Is there some way to automatically kickstart the ASA's to resume logging? Right now I have to manually reconfigure each ASA unit to restore syslog data transmission.

Running 8.0(3) and ASDM 6.1.1 on a variety of 5510's, 5520's and 5540's.

Thanks,

Tariq

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
torchris Sun, 11/23/2008 - 13:45

Please try to set up the captures between the ASA and the server then when you reboot the unit enable the logs on the firewall to verify what error do you get also, the capture will let you know at what time the ASA stopped sending the syslog messages.

Actions

This Discussion