Recently we have been experiencing an issue with our ASA's syslog messages not reaching the syslog server. Periodically a message will get through but its fairly random. The ASA and the syslog server do reside on different subnets be it has always been this way and it has worked properly in the past. There have been a few code upgrades to the ASA and the syslog server resides in a VM environment but it recieves logs properly from all other devices. The patches to the ASA were to resolve some VPN bugs we were experiencing. Any ideas on what the issue could be?
Personally I have run into syslog messaging issues in the past and have been related to bugs ,you may want to try looking at the code you have upgraded to and rule out bugs pertaining to syslog messaging . Look into your code opened Caveats in the link bellow . If you have dounble check your firewall configuration after the upgrade for syslogs to be ok and have other firewalls sending logs ok to the server , it could very well be a bug related issue.
We will need to determine if the syslog messages are actually leaving the ASA interface, you can do this with a capture on the interface were the server is located. Also will be a good idea to test basic connectivity between the FW and the syslog server.
"If you need PDI (Planning, Design, Implement) assistance feel free to reach us"
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :