Logging on FWSM

Unanswered Question
Jan 23rd, 2009

Hi all,

We have multiple context and need to send all Context log to one syslog server.

For the context on the same network as syslog server, we can collecte log without problem.

For all other contexts, no log reaches the server.

We have put "logging host outside IP_syslog".

From ASDM, we can see log, but we can't see any traffic between the syslog server and the context.

is it possible to put syslog server on the outside interface of a context on FSWM ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
george_daly Thu, 01/29/2009 - 03:52


Yes you can log to syslog through the outside interface (on all FWSM versions I've used).

Is there a firewall sitting in front of the syslog server that you need to permit the UDP 514 traffic through?

I take it tcpdump on the syslog server doesn't show packets getting there?



harinirina Fri, 01/30/2009 - 01:41


We tried with 2 syslog servers, it works without problem on one of the server. On the second server, sometimes, we can't even ping it from the firewall.

It works after clearing xlate.

We often meet this problem, how can we avoid this problem to happen again?


This Discussion