11-20-2001 03:55 PM - edited 02-20-2020 09:54 PM
Hi,
Is there a command line for PIX 515-UR v6.1 Firewall to send the syslog trap to multiple workstations (trap destinations). These destinations are on the same local subnet. If so, please provide a detail command line so I can test with. Thank you all in advance.
11-21-2001 07:52 AM
You can use multiple 'logging host' commands to specify syslog servers.
logging host [in_if_name] ip_address [protocol/port]
12-01-2001 02:18 PM
I've tried the following and it's not logging to the second (.3) syslog server. Any suggestion why not? Thank you.
logging on
logging timestamp
logging trap debugging
logging history warnings
logging host inside 172.16.0.2
logging host inside 172.16.0.3
12-01-2001 02:53 PM
Try removing both, then adding just the .3 address to see if it works by itself. After you've verified that it does, add the .2 address to see if they both work that way.
Suspect you'll find that the .3 server is misconfigured somehow.
12-01-2001 04:53 PM
If your syslog server is a Non-NT box make sure you have the right facility set - Unix servers expect specific facilities...
Logging Facility 22 (23, 24 etc,)
12-01-2001 07:06 PM
Here are a couple of "sh" outputs. I thought they might be more helpful. I think I misunderstood between snmp trap and syslog server. I am being able to send the snmp traps to (.2) and (.3) snmp traps destinations with the configuration from below. However, I am using a trial version of sl4nt (www.netal.com) syslog server and it doesn't seem to be working. I am not getting any syslog messages. It's a windows based syslog listening on default udp port 514. Please forgive me for my lack of knowledge but "what is the difference between the snmp trap and syslog server?"
Thanks all. Happy holidays.
pixfirewall# sh conf
PIX Version 6.1(1)
:
:
:
logging on
logging timestamp
logging trap debugging
logging history warnings
logging host inside 172.16.0.2
logging host inside 172.16.0.3
:
:
:
snmp-server host inside 172.16.0.2
snmp-server host inside 172.16.0.3
no snmp-server location
no snmp-server contact
snmp-server community ~notpublic~
snmp-server enable traps
:
:
pixfirewall# sh log
Syslog logging: enabled
Timestamp logging: enabled
Standby logging: disabled
Console logging: disabled
Monitor logging: disabled
Buffer logging: disabled
Trap logging: level debugging, facility 20, 30 messages logged
Logging to inside 172.16.0.2
Logging to inside 172.16.0.3
History logging: level warnings, facility 20, 1 messages logged
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: