Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

FWSM Pix ASA Syslogging

I have configured syslogging on all of my firewalls. Each firewall is configured in failover mode with it's peer. My question is will both primary and secondary firewalls send logs to the syslog server or will only the host holding the primary role send?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: FWSM Pix ASA Syslogging

The standby unit does NOT passes network traffic in a A/S scenario unless it becomes active. It is the role of active unit to send syslog messages should there be issues between Active/Standby communications. My post is correct ! and do not want to debate it with you, others I will.

3 REPLIES

Re: FWSM Pix ASA Syslogging

The theory in Active/Stanby is, configuration entered in active is automatically copied into standby, technically you do not need to touch the standby, that said, when you cofigure primary firewall to send syslog messages to snmp server the syslog ip address will be copied into standby firewall but only the active will send messages to syslog server. If Active firewall fails standby takes active role which will continue sending syslog meessages to same syslog server IP you previously entered.

To prove this theory configure your syslog server ip on Primary firewall, then connect to standby firewall,if your Standby/failover implementation is correct and functional do show run , the configuration on standby should be identical as your primary which also include the same syslog server IP information previously configured on active firewall.

HTH

Rgds

Jorge

Silver

Re: FWSM Pix ASA Syslogging

"firewall but only the active will send messages to syslog server. If Active firewall fails standby takes active role which will continue sending syslog meessages to same syslog server IP you previously entered"

That is NOT correct. The standby will also

send syslog messages to the syslog as well,

if it has issues.

CCIE Security

Re: FWSM Pix ASA Syslogging

The standby unit does NOT passes network traffic in a A/S scenario unless it becomes active. It is the role of active unit to send syslog messages should there be issues between Active/Standby communications. My post is correct ! and do not want to debate it with you, others I will.

128
Views
6
Helpful
3
Replies
CreatePlease to create content