Please has anyone seen this?
Cisco ASA 5516 with no HA configured is setup to send syslog to a server.
The syslog server receives system events. e.g user logins, but the syslog server does not receive any firewall events e.g access denied logs.
These access denied logs entries shows up on the asa console when I run sh log
below is the config on the ASA, I have two other ASA working with same config
logging enable logging timestamp
logging buffer-size 1048570 logging buffered informational
logging monitor debugging logging trap informational
logging history informational logging asdm informational logging host inside 172.16.160.30
... View more
Thank you very much Mohammed for the email here is more detail I have a 5550 and want to migrate to 5555-x 5550 has 8 interfaces configured with IP address, and 5555-x also has 8 interfaces. the MGMT on the 5550 is currently not in use I'm in the process of migrating the config, and at this time I'm managing the 5555-x using 172.16.109.202. if I migrate the config from 5550 to 5555-x, I wont be able to manage 5555-x using 172.16.109.202 my question is this is it possible to configure the MGMT interface on 5555-x with 172.16.109.202 and Firepower with 172.16.109.203 and configure Firewpower default gateway to use 172.16.109.202 which is the IP of the MGMT interface? I did some research, some say it should work, other says it wont, that the MGMT is reserved for the Firepower and should not be configured with an IP address on the ASA Thank you very much Current Firewall 5550 Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 220.127.116.11 YES CONFIG up up GigabitEthernet0/1 18.104.22.168 YES CONFIG up up GigabitEthernet0/2 10.50.19.2 YES CONFIG up up GigabitEthernet0/3 10.1.2.100 YES CONFIG up up Internal-Data0/0 unassigned YES unset up up Management0/0 unassigned YES unset administratively down up GigabitEthernet1/0 10.250.216.21 YES unset up up GigabitEthernet1/1 22.214.171.124 YES CONFIG up up GigabitEthernet1/2 10.202.116.40 YES CONFIG up up GigabitEthernet1/3 10.205.118.90 YES CONFIG up up Internal-Data1/0 unassigned YES unset up up New Firewall 5555-x Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 unassigned YES unset administratively down down GigabitEthernet0/1 unassigned YES unset administratively down down GigabitEthernet0/2 unassigned YES unset administratively down down GigabitEthernet0/3 unassigned YES unset administratively down down GigabitEthernet0/4 unassigned YES unset administratively down down GigabitEthernet0/5 unassigned YES unset administratively down down GigabitEthernet0/6 172.16.109.202 YES manual up up GigabitEthernet0/7 10.250.2.1 YES unset up up Internal-Control0/0 127.0.1.1 YES unset up up Internal-Data0/0 unassigned YES unset up down Internal-Data0/1 unassigned YES unset up up Internal-Data0/2 unassigned YES unset up up Internal-Data0/3 169.254.1.1 YES unset up up Management0/0 unassigned YES unset down down
... View more
would it possible to configure the management interface on the 5555-x with an IP address and also set the interface IP as the default gateway of the Firepower?
I am out of available interface on the 5555-x, some cisco doc says its possible, but I want to ask if anyone have actually configured something like this.
... View more