Logging Issue With PIX 515E

mrfault · ‎01-24-2007

I am trying to enable sylog logging to a Windows server thru my inside interface to beable to capture my VPN traffic. Everytime I enable logging my inside interface drops until I Disable logging. Please help, I'd like to be able to review all of my logs but I am required to at least get my VPN traffic.

sachinraja · ‎01-24-2007

Is the whole PIX not responding or only the inside interface ?? How is the CPU usage after enabling logging ? which code of PIX are you running ? alternately, you can span the switchport connecting to inside interface and log all the events necessary...

Raj

mrfault · ‎01-25-2007

Sachinraja,

Just the inside port seems to fail.

How do I check for CPU Usage?

Attached is my config sorry it is so long.

Thanks for all of your help.

mrfault · ‎05-21-2007

None of the interfaces are passing traffic. CPU usage is normal I am running ver. 7.0(1)

wpetherbridge · ‎05-21-2007

Hi,

make sure it is necessary to use TCP for sending your logs. If your logging host goes down your firewall will stop when TCP is used till your logging host is back online. If this is not the desired behaviour rather use UDP.

Hope this helps.

Cheers.

mrfault · ‎05-24-2007

how do I specify just using UDP vs using both? I am using PIX Firewall Syslog server ver 5.12 on a windows 2003 server.