Ok, I can't for the life of me figure out why internal syslog traffic would be dropped at the firewall. I've come across a few support forums with comments like 'disable the specific syslog error, etc.'; however, this does not fix my problem. I need the syslog messages from my Citrix VM Servers to reach the syslog server and the firewall is dropping them for some reason:
The syslog error that gets logged:
%ASA-2-106006: Deny inbound UDP from 192.168.1.200/514 to 192.168.1.210/514 on interface inside
Here is my current lab setup:
ubuntu (VM)     --> XenServer       --> ASA 5505
(192.168.1.201)     (192.168.1.200)     (192.168.1.1)
I have tons of hits on rule #2, none on rule #1 for my inside interface access list:
1. access-list inside_access_in extended permit udp any any eq syslog log notifications (put this one in for test... doesn't get any hits)
2. access-list inside_access_in extended permit ip any any log (this is the rule that should allow all internal traffic, right?)