03-01-2004 01:45 AM - edited 02-20-2020 11:15 PM
I could'nt get the output from the PIX firewall to my syslog server,below is the part of my show run config.My PC with syslog software running is 192.168.2.2.Pls advise.
PIX Version 6.2(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password xxxxx
passwd xxxxx
hostname ciscopix
domain-name cisco.com
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol ils 389
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
pager lines 24
logging on
logging trap debugging
logging facility 16
logging host inside 192.168.2.2
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside 192.168.253.3 255.255.255.0
ip address inside 192.168.2.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
static (inside,outside) 192.168.2.0 192.168.2.0 netmask 255.255.255.0 0 0
route outside 0.0.0.0 0.0.0.0 192.168.253.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si
p 0:30:00 sip_media 0:02:00
03-01-2004 03:07 AM
i'm not sure but i think you may be missing the logging history command on top of this?
can you do a show log and show what is at the top of your log?
sam
03-01-2004 04:37 AM
Hi,
Try: (in config mode)
logging on
logging timestamp
logging history warnings
logging host inside
Q. What syslog software are you running on the inside client?
Hope this helps / Jay.
03-01-2004 05:40 PM
Hi below is my show logging,seems like all my output is shown below.I had put in the logging history warning,still the same.
ciscopix# show logging
Syslog logging: enabled
Facility: 16
Timestamp logging:
enabled
Standby logging:
disabled
Console logging:
disabled
Monitor logging:
disabled
Buffer logging: level debugging, 108 messages logged Trap logging: level debugging, 108 messages logged Logging to inside 192.168.2.2
History logging: level warnings, 4 messages logged
446 TCP FINs
302013: Built outbound TCP connection 26 for outside:198.133.219.25/80 (198.133.
219.25/80) to inside:192.168.2.2/1284 (192.168.2.2/1284)
302014: Teardown TCP connection 25 for outside:198.133.219.25/80 to inside:192.1
68.2.2/1283 duration 0:00:03 bytes 1588 TCP FINs
304001: 192.168.2.2 Accessed URL 198.133.219.25:/cdc_content_elements/home_page/
sniffer/sniffLib-100.js
302013: Built outbound TCP connection 27 for outside:198.133.219.25/80 (198.133.
219.25/80) to inside:192.168.2.2/1285 (192.168.2.2/1285)
302013: Built outbound TCP connection 28 for outside:198.133.219.25/80 (198.133.
219.25/80) to inside:192.168.2.2/1286 (192.168.2.2/1286)
03-01-2004 05:44 PM
I believe it should be
logging trap
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide