Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MARS through IPSec VPN

If I setup an ASA 5500 at a remote site to do Site-to-site IPSec VPN, can I have the remote ASA report to the local MARS through the tunnel? If so, what address would I use as the reporting address in MARS for the 5500 appliance?


Re: MARS through IPSec VPN

Yes why not.

Basically you can use a 'tunnel' mode VPN and setup a site-2-site VPN tunnel between the two ASAs and add the MARS server on the remote ASA as a logging host.

Once the traffic reaches the local ASA it can then route it to the MARS on your local LAN. I think the IP address of the remote ASA should be same as its' WAN interface pointing towards the Local ASA. If you want the MARS to telnet/ssh to the firewall, you need to setup a tunnel mode VPN or just use SSH to login to the device securely over the WAN/Internet (Without any VPN).

Caution: Syslogs can be very bandwidth intensive, make sure your VPN connection can sustain that.



New Member

Re: MARS through IPSec VPN

My question has to do with the Topology Graph. I have many site-to-site tunnels and the Graph doesn't seem to display the connectivity between sites. It displays them as separate networks with an Internet Cloud. Is this possible or a limitation since it is trying to traverse the Internet and an ISPs network. I was hoping that Mars would be a part of Interesting traffic and show at least a line through the clouds to the respective peers.