Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

HELP! PIX & multiple syslog servers

Hi,

Is there a command line for PIX 515-UR v6.1 Firewall to send the syslog trap to multiple workstations (trap destinations). These destinations are on the same local subnet. If so, please provide a detail command line so I can test with. Thank you all in advance.

5 REPLIES
New Member

Re: HELP! PIX & multiple syslog servers

You can use multiple 'logging host' commands to specify syslog servers.

logging host [in_if_name] ip_address [protocol/port]

New Member

Re: HELP! PIX & multiple syslog servers

I've tried the following and it's not logging to the second (.3) syslog server. Any suggestion why not? Thank you.

logging on

logging timestamp

logging trap debugging

logging history warnings

logging host inside 172.16.0.2

logging host inside 172.16.0.3

New Member

Re: HELP! PIX & multiple syslog servers

Try removing both, then adding just the .3 address to see if it works by itself. After you've verified that it does, add the .2 address to see if they both work that way.

Suspect you'll find that the .3 server is misconfigured somehow.

New Member

Re: HELP! PIX & multiple syslog servers

If your syslog server is a Non-NT box make sure you have the right facility set - Unix servers expect specific facilities...

Logging Facility 22 (23, 24 etc,)

New Member

Re: HELP! PIX & multiple syslog servers

Here are a couple of "sh" outputs. I thought they might be more helpful. I think I misunderstood between snmp trap and syslog server. I am being able to send the snmp traps to (.2) and (.3) snmp traps destinations with the configuration from below. However, I am using a trial version of sl4nt (www.netal.com) syslog server and it doesn't seem to be working. I am not getting any syslog messages. It's a windows based syslog listening on default udp port 514. Please forgive me for my lack of knowledge but "what is the difference between the snmp trap and syslog server?"

Thanks all. Happy holidays.

pixfirewall# sh conf

PIX Version 6.1(1)

:

:

:

logging on

logging timestamp

logging trap debugging

logging history warnings

logging host inside 172.16.0.2

logging host inside 172.16.0.3

:

:

:

snmp-server host inside 172.16.0.2

snmp-server host inside 172.16.0.3

no snmp-server location

no snmp-server contact

snmp-server community ~notpublic~

snmp-server enable traps

:

:

pixfirewall# sh log

Syslog logging: enabled

Timestamp logging: enabled

Standby logging: disabled

Console logging: disabled

Monitor logging: disabled

Buffer logging: disabled

Trap logging: level debugging, facility 20, 30 messages logged

Logging to inside 172.16.0.2

Logging to inside 172.16.0.3

History logging: level warnings, facility 20, 1 messages logged

142
Views
0
Helpful
5
Replies
CreatePlease to create content