Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX problem when it configured with syslog server with tcp port

Hi All,

Did someone ever encounter PIX problem when the pix configured for the syslog server with tcp port ?

I encountered this problem when I configured the pix for syslog server with tcp port..the command is logging host (in_if) (host_ip) [tcp/port_number].

Actually there is no problem when the syslog server was up. But when I shut down the server..the pix suddenly can not route packet from inside to outside..but if I did pinging from pix to outside and inside are ok..only if I pinged from inside network, servers which are in inside network, the packets are stopped at pix. the pix image version is 5.1(2). is there any bugs on that version ??

I will really appreciate if some one can helps...

thanks and regards

3 REPLIES
New Member

Re: PIX problem when it configured with syslog server with tcp p

This is a feature of the pix when syslogging with TCP.

When the PIX can no longer log to the server, whether because the disk is full or the server is offline, TCP traffic is stopped.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/config/config.htm#xtocid2803660

Use the default UDP if you do not wish this to happen.

New Member

Re: PIX problem when it configured with syslog server with tcp p

Hi,

thanks for your respon...how about If I use this command logging host (in_if) (host_ip) [udp/port_number]. I use udp instead of tcp. Is that okay ?? Will all the udp packets stop ???

Regards

New Member

Re: PIX problem when it configured with syslog server with tcp p

there is no need to state UDP

It will default to udp 514 as stated in the command ref below

http://cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_60/config/commands.htm#xtocid605042

If you use udp (default) to syslog, if the syslog server becomes unavailable, the traffic will still flow through the PIX. All that will happen is that there will be no logs until the server is brought back online.

105
Views
0
Helpful
3
Replies