Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
339
Views
6
Helpful
3
Replies

FWSM Pix ASA Syslogging

Go to solution
mgage
Level 1
Level 1

‎03-15-2008 08:37 AM - edited ‎03-11-2019 05:18 AM

I have configured syslogging on all of my firewalls. Each firewall is configured in failover mode with it's peer. My question is will both primary and secondary firewalls send logs to the syslog server or will only the host holding the primary role send?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
JORGE RODRIGUEZ
Level 10
Level 10
In response to cisco24x7

‎03-15-2008 08:44 PM

The standby unit does NOT passes network traffic in a A/S scenario unless it becomes active. It is the role of active unit to send syslog messages should there be issues between Active/Standby communications. My post is correct ! and do not want to debate it with you, others I will.

Jorge Rodriguez

View solution in original post

3 Replies 3

Go to solution
JORGE RODRIGUEZ
Level 10
Level 10

‎03-15-2008 01:10 PM

The theory in Active/Stanby is, configuration entered in active is automatically copied into standby, technically you do not need to touch the standby, that said, when you cofigure primary firewall to send syslog messages to snmp server the syslog ip address will be copied into standby firewall but only the active will send messages to syslog server. If Active firewall fails standby takes active role which will continue sending syslog meessages to same syslog server IP you previously entered.

To prove this theory configure your syslog server ip on Primary firewall, then connect to standby firewall,if your Standby/failover implementation is correct and functional do show run , the configuration on standby should be identical as your primary which also include the same syslog server IP information previously configured on active firewall.

HTH

Rgds

Jorge

Jorge Rodriguez
0 Helpful

Go to solution
cisco24x7
Level 6
Level 6
In response to JORGE RODRIGUEZ

‎03-15-2008 06:35 PM

"firewall but only the active will send messages to syslog server. If Active firewall fails standby takes active role which will continue sending syslog meessages to same syslog server IP you previously entered"

That is NOT correct. The standby will also

send syslog messages to the syslog as well,

if it has issues.

CCIE Security

Go to solution
JORGE RODRIGUEZ
Level 10
Level 10
In response to cisco24x7

‎03-15-2008 08:44 PM

The standby unit does NOT passes network traffic in a A/S scenario unless it becomes active. It is the role of active unit to send syslog messages should there be issues between Active/Standby communications. My post is correct ! and do not want to debate it with you, others I will.

Jorge Rodriguez
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card