Syslogging from ASA5505 and PIX-506 over IPSEC Tunnel
I have a customer with many remote sites using either ASA5505 or a PIX-506. There is IPSEC tunnel to each remote site from the hub site. The remote site doesn't have a server. The goal is send syslog and traps to the server located at main site.
The Encryption domain is inside interface subnet at each site. I didn't find any command that syslogs or sends traps with source ip being inside interface.
Re: Syslogging from ASA5505 and PIX-506 over IPSEC Tunnel
Its not a clean way but I guess the only way.
I was hoping it would do like NetScreen firewalls where you can tell the firewall to source the syslog from inside interface even though the destination is somewhere on outside. That way you don't have to fiddle with interesting traffic.
Hopefully some customer with good leverage submitted a PERS to cisco ;-).. I always wondered why companies don't put "Wish List" link on their website. They can collect a lot of good ideas for free :-)
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...