Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1015
Views
0
Helpful
2
Replies

PIX 'Logging Host' - Changing syslog from TCP to UDP

martin.kayes
Level 1
Level 1

‎06-07-2002 02:35 AM - edited ‎02-20-2020 10:05 PM

Hi,

I have recently had a PIX stop forwarding traffic because of the 'reliable TCP syslog' feature, the syslog server had gone down.

To stop it happening again I changed the PIX to use logging via UDP instead, however the same thing happened again a couple of days ago despite being set to UDP!

Does the change from logging via TCP to logging via UDP happen instantly or does the PIX need a reload before this change takes effect?

Thanks,

Martin

0 Helpful
2 Replies 2

rosseison
Level 1
Level 1

‎06-07-2002 10:35 AM

Martin:

I'd had a similar problem [and have heard the same from other PIX admins] and was forced to switch back to UDP very quickly--I didn't need to reload the PIX to make the change active. Changing logging to UDP was immediate and the PIX started passing traffic again.

Ross

0 Helpful

martin.kayes
Level 1
Level 1
In response to rosseison

‎06-10-2002 12:58 AM

Hi Ross,

Thanks for your response. The weird thing is that I had managed to change logging to UDP with no problems and the syslog messages were working okay - however a few days later the syslog server went off-line and PIX fell-over again!

It may have just been a coincidence - I guess I should test the current setup out of hours to see if it happens again.

Regards,

Martin

P.S. It turns out that the PIX stops passing traffic by design; if using TCP logging and the Syslog server is not available then 'don't pass what can't be logged'.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card