I'm freshly in charge of a Cisco ASA5510 firewall, and need to get its syslog sent to someplace where I can see it. Here's the pertinent part of the config:
logging monitor debugging
logging history notifications
logging asdm informational
logging facility 16
logging device-id hostname
logging host outside 10.10.10.10
logging host outside 188.8.131.52
I don't have access to the 10.10.10.10 host, so I don't know if it's receiving anything. My syslog server is the 184.108.40.206 host. TCPdump on this server shows no traffic at all coming from this ASA firewall. My next step, is to determine if the firewall is actually originating any syslog traffic at all. I don't have any ability to mirror any switch ports on the Outside Interface, so I need to use some method internal to the ASA itself to troubleshoot. Who's done this before, and/or what docs can you point me at, that could help?? ICMP shows up on tcpDump, so this means I can route to the syslog server OK, but I don't see any UDP/514 traffic at all. These IPs are valid & reachable by the firewall, but have obviously been mangled to protect privacy....
Is there something special I have to do (or is it an illegal configuration) to send syslog out an interface where the Security-Level is 0?
Interesting -- I saw those commands in the docs I read, but I ignored them, because I thought they would cause the logging to be sent out of the firewall as SNMP traps (which I didn't want) I'll try these commands suggested & post my experience...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...