Re: TCP Syslog Auto-Reconnect?

bradd · ‎10-24-2003

I'm using TCP to communicate with my syslog server. I understand that if the communication is lost, that the PIX will cease to forward traffic and am willing to deal with that. However, what if communication is lost, then becomes available again? For example, if the syslog server is rebooted, communication is lost, but after the reboot the syslog server is available again... is there a way to have the PIX automatically reconnect to the syslog server and thereby resume traffic flow? My experience has been that manual intervention is required in order to get traffic flowing again -- I would prefer to automate this if/when it is possible.

bd

nkhawaja · ‎10-24-2003

Hi,

First of all you should only be using UDP, avoid using TCP.

Secondly I think manual intervention would still be required. I don't think there is any automation available.

Thanks

Nadeem

bradd · ‎10-24-2003

Why should I not be using TCP? I prefer the "no log, no pass" mode of operation.

As for the manual intervention, I suspect you are right, though I was hoping for an alternative. Thanks for your reply.

bd

lwierenga · ‎10-24-2003

Just caught that you were using tcp dah. Use udp (connectionless protocol) and you shouldn't have this problem any longer.

lwierenga · ‎10-24-2003

What syslog server are you using? There is no intervention with CiscoWorks syslog server when communmications is lost. I have never had a problem?

bradd · ‎10-26-2003

I'm using Kiwi Syslog Daemon, running on W2K. I went to the CiscoWorks download area and didn't see anything related to a syslog server product...???