Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1491
Views
0
Helpful
5
Replies

HELP! PIX & multiple syslog servers

titansae
Level 1
Level 1

‎11-20-2001 03:55 PM - edited ‎02-20-2020 09:54 PM

Hi,

Is there a command line for PIX 515-UR v6.1 Firewall to send the syslog trap to multiple workstations (trap destinations). These destinations are on the same local subnet. If so, please provide a detail command line so I can test with. Thank you all in advance.

0 Helpful
5 Replies 5

rrbleeker
Level 1
Level 1

‎11-21-2001 07:52 AM

You can use multiple 'logging host' commands to specify syslog servers.

logging host [in_if_name] ip_address [protocol/port]

0 Helpful

titansae
Level 1
Level 1
In response to rrbleeker

‎12-01-2001 02:18 PM

I've tried the following and it's not logging to the second (.3) syslog server. Any suggestion why not? Thank you.

logging on

logging timestamp

logging trap debugging

logging history warnings

logging host inside 172.16.0.2

logging host inside 172.16.0.3

0 Helpful

jwitherell
Level 1
Level 1
In response to titansae

‎12-01-2001 02:53 PM

Try removing both, then adding just the .3 address to see if it works by itself. After you've verified that it does, add the .2 address to see if they both work that way.

Suspect you'll find that the .3 server is misconfigured somehow.

0 Helpful

netanalyze
Level 1
Level 1

‎12-01-2001 04:53 PM

If your syslog server is a Non-NT box make sure you have the right facility set - Unix servers expect specific facilities...

Logging Facility 22 (23, 24 etc,)

0 Helpful

titansae
Level 1
Level 1

‎12-01-2001 07:06 PM

Here are a couple of "sh" outputs. I thought they might be more helpful. I think I misunderstood between snmp trap and syslog server. I am being able to send the snmp traps to (.2) and (.3) snmp traps destinations with the configuration from below. However, I am using a trial version of sl4nt (www.netal.com) syslog server and it doesn't seem to be working. I am not getting any syslog messages. It's a windows based syslog listening on default udp port 514. Please forgive me for my lack of knowledge but "what is the difference between the snmp trap and syslog server?"

Thanks all. Happy holidays.

pixfirewall# sh conf

PIX Version 6.1(1)

:

:

:

logging on

logging timestamp

logging trap debugging

logging history warnings

logging host inside 172.16.0.2

logging host inside 172.16.0.3

:

:

:

snmp-server host inside 172.16.0.2

snmp-server host inside 172.16.0.3

no snmp-server location

no snmp-server contact

snmp-server community ~notpublic~

snmp-server enable traps

:

:

pixfirewall# sh log

Syslog logging: enabled

Timestamp logging: enabled

Standby logging: disabled

Console logging: disabled

Monitor logging: disabled

Buffer logging: disabled

Trap logging: level debugging, facility 20, 30 messages logged

Logging to inside 172.16.0.2

Logging to inside 172.16.0.3

History logging: level warnings, facility 20, 1 messages logged

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card