There is my issue. I have a PIX 515, an Orion Monitoring server, and a Syslog server. The Pix sends its log to the syslog server. I need to enable IP spoofing in the PIX, so my syslog server is able to send log back to the Orion server. The syslog server is in the inside interface, spoof is enable in the inside interface. However, I keep getting deny from the firewall. I did add an ACL to permit ip from the syslog server to the orion server. The orion server is in a DMZ which also have an ACL to permit ip traffic between the two servers.
output from the firewall returns: deny ip spoof from the inside interface.
Any idea will be appreciate,