Cisco Support Community

New Member

Getting PIX logs in a secure way

Hello,

Does anyone know any method to retrieve logs directly from a PIX in an encrypted (i.e. secure) way without a VPN?

Thank you

Paolo

2 REPLIES
Silver

Re: Getting PIX logs in a secure way

The PIX can only use syslog to send system messages. Therefore, there is no secure way to receive them over the network except over a VPN tunnel. You could use a console cable to log them to a directly connected host and then use SCP to move them to the desired location. Or forward syslog over SSH from that host.

Why are you avoiding the VPN scenario? What is the problem you need to solve?

New Member

Re: Getting PIX logs in a secure way

I'm not sure, because I haven't tested it, but if you have an extra NIC in your PIX you can build a small secure LAN only for syslogging (not routed anywhere).

ip address Extra_NIC 10.0.0.1 255.255.255.252

logging host Extra_NIC 10.0.0.2

Then you should be able to set up a syslogserver (10.0.0.2) and connect it with a UTP-cable or mediaconverters + fibre if you want to physically separate the syslogserver from the PIX. The syslogserver could have 2 NICs (the other on a "non-secure" routed LAN) and SSH installed for secure access to the logfiles.

BUT as mentioned earlier: I haven't tested this!!

Any comments?

It would be nice to have this solution confirmed or thrown in the bin, but I don't have access to a Lab-PIX.

/ Per
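The collector side of the dedicated syslog segment described in the reply above, as an added example that is not part of the original posts: a UDP listener bound only to the isolated interface that drops anything not sent by the PIX. The addresses come from the post; the function names, log file name and sample message are assumptions made for illustration.

```python
import re
import socket

PIX_ADDR = "10.0.0.1"        # PIX Extra_NIC address from the post
COLLECTOR_ADDR = "10.0.0.2"  # syslog server address from the post
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
# Constructed sample datagram (not captured from a real device)
SAMPLE = b'<164>%PIX-4-106023: Deny tcp src outside:192.0.2.10/1025 dst inside:10.1.1.5/80 by access-group "acl_out"'

PRI_RE = re.compile(rb"^<(\d{1,3})>(.*)$", re.DOTALL)  # BSD syslog <PRI> prefix

def parse_datagram(data, source_ip, allowed=PIX_ADDR):
    """Return a record dict, or None if the datagram must be dropped."""
    if source_ip != allowed:
        return None  # only the firewall should be talking on this segment
    m = PRI_RE.match(data)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # highest valid value: facility 23, severity 7
        return None
    return {
        "facility": pri >> 3,
        "severity": SEVERITIES[pri & 7],
        "message": m.group(2).decode("ascii", "replace").strip(),
    }

def serve(bind_addr=COLLECTOR_ADDR, port=514, logfile="pix.log"):
    """Listen on the isolated interface only, never on 0.0.0.0."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind_addr, port))
    with open(logfile, "a", encoding="ascii", errors="replace") as out:
        while True:
            data, (src, _) = sock.recvfrom(4096)
            rec = parse_datagram(data, src)
            if rec:
                out.write(f"{src} {rec['severity']} {rec['message']}\n")
                out.flush()

if __name__ == "__main__":
    serve()
```

Binding to 10.0.0.2 rather than all interfaces keeps the listener unreachable from the routed NIC, where only SSH should be exposed.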
