Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ASA syslog failing

Can anyone see why syslog to a server on the inside is failing? See attached.

2 REPLIES
Hall of Fame Super Gold

Re: ASA syslog failing

Jerry

I see that your ASA configures a DHCP pool beginning at 192.168.0.2. And your syslog server is at 192.168.0.3. Is it possible that the ASA has assigned 192.168.0.3 to some device not your syslog server? What happens if you change the configuration of the DHCP pool to begin on some higher address?

HTH

Rick

Community Member

Re: ASA syslog failing

Hi Jerry,

You're missing one command on the syslog configuration:

logging trap

The command above will specify what level of logs the ASA sends to the server. You can refer to the following link for more information:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/l2.html#wp1753594

Btw, I also noticed that you have the command:

logging buffered debugging

That's not really recommended 'cause you may run into high cpu issues. Debug level is only recommended when it is sent to a syslog server or just for troubleshooting purposes.

Anyway, if the issue continues, you can verify the IP address stuff that Rick just mentioned. And if everything is ok but the issue continues, you'd have to run traffic captures to verify if the ASA's sending the logs to the server in question. You can refer to the following link for more info on captures:

http://nortfm.com/?View=entry&EntryID=1

Hope that helps

- Jorge Luis Juárez

155
Views
0
Helpful
2
Replies
CreatePlease to create content