I notice that when the main line goes down and the backup kicks in, it is transparent to the user, which is great. But one drawback is that I would never know (or delayed to know) when the main line went down.
Is there a way to setup SMTP notifications for this? I'm assuming some SMTP configuration and a syslog server (like Kiwi)?
I initially created the "track-list" config, but did not receive an email when I unplugged the T1 (activating the failover). I then created the "test" list and assigned it to "111001". From what I read, this should send off an email whenever anything does a "write" command (write mem).
I am still not getting an email. Before I start troubleshooting with the SMTP server, is there any way I can make sure the ASA is generating the email?
--> you'll be sending syslog with errors level (level 3) only, while the test list that you have configured for, ie: syslog# 11101 falls under notification level (level 5).
Also, please double check if logging has been turned on (show log), otherwise, the command to turn logging on is "logging enable".
To test the syslog mail, i would suggest a few things:
1) Change "logging mail test" to "logging mail 5", and also remove the "level errors" from the logging recipient-address command.
This will prove if you are getting any mails at all from the ASA.
2) If the above still does not give you any mails, you might want to run packet capture on the ASA interface where the mail server is connected to, to see if the ASA is even sending the email out. If it does, you might want to check your email server. If it doesn't, we might need to troubleshoot more on the syslog email portion.
3) If the above 1) works just fine, then you can tailor the syslog list accordingly.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...