Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 'Logging Host' - Changing syslog from TCP to UDP

Hi,

I have recently had a PIX stop forwarding traffic because of the 'reliable TCP syslog' feature, the syslog server had gone down.

To stop it happening again I changed the PIX to use logging via UDP instead, however the same thing happened again a couple of days ago despite being set to UDP!

Does the change from logging via TCP to logging via UDP happen instantly or does the PIX need a reload before this change takes effect?

Thanks,

Martin

2 REPLIES
New Member

Re: PIX 'Logging Host' - Changing syslog from TCP to UDP

Martin:

I'd had a similar problem [and have heard the same from other PIX admins] and was forced to switch back to UDP very quickly--I didn't need to reload the PIX to make the change active. Changing logging to UDP was immediate and the PIX started passing traffic again.

Ross

New Member

Re: PIX 'Logging Host' - Changing syslog from TCP to UDP

Hi Ross,

Thanks for your response. The weird thing is that I had managed to change logging to UDP with no problems and the syslog messages were working okay - however a few days later the syslog server went off-line and PIX fell-over again!

It may have just been a coincidence - I guess I should test the current setup out of hours to see if it happens again.

Regards,

Martin

P.S. It turns out that the PIX stops passing traffic by design; if using TCP logging and the Syslog server is not available then 'don't pass what can't be logged'.

163
Views
0
Helpful
2
Replies