https://community.cisco.com/t5/network-access-control/ise-secure-syslog-config/m-p/3950535#M456085 <P>Hello ISE experts,</P><P>&nbsp;</P><P>we are running a large ISE deployment with ISE 2.4 Patch 10 in our environment.</P><P>We have decided to use Secure Syslog for inter cluster logging and disabled UDP and TCP logging.</P><P>But we run in two issues;</P><P>&nbsp;</P><P>1) We were able to configure secure syslog without cert selection. My exception was to get an error message.</P><P>With no cert selection I was able to receive live logs in ISE. Is this still a secure syslog connection?</P><P>&nbsp;</P><P>2) When I select the trusted cert in Secure Syslog GUI (all node are signed with the same cert) I don't get any live logs in ISE. When I select&nbsp;"Ignore Server Certificate validation" then I will receive live logs.</P><P>&nbsp;</P><P>Thanks in advance for your input and comments.</P><P>Cengiz</P> Wed, 30 Oct 2019 14:51:18 GMT Cengiz Savas 2019-10-30T14:51:18Z https://community.cisco.com/t5/network-access-control/ise-secure-syslog-config/m-p/3950535#M456085 <P>Hello ISE experts,</P><P>&nbsp;</P><P>we are running a large ISE deployment with ISE 2.4 Patch 10 in our environment.</P><P>We have decided to use Secure Syslog for inter cluster logging and disabled UDP and TCP logging.</P><P>But we run in two issues;</P><P>&nbsp;</P><P>1) We were able to configure secure syslog without cert selection. My exception was to get an error message.</P><P>With no cert selection I was able to receive live logs in ISE. Is this still a secure syslog connection?</P><P>&nbsp;</P><P>2) When I select the trusted cert in Secure Syslog GUI (all node are signed with the same cert) I don't get any live logs in ISE. When I select&nbsp;"Ignore Server Certificate validation" then I will receive live logs.</P><P>&nbsp;</P><P>Thanks in advance for your input and comments.</P><P>Cengiz</P> Wed, 30 Oct 2019 14:51:18 GMT https://community.cisco.com/t5/network-access-control/ise-secure-syslog-config/m-p/3950535#M456085 Cengiz Savas 2019-10-30T14:51:18Z https://community.cisco.com/t5/network-access-control/ise-secure-syslog-config/m-p/3951791#M456086 <P>1) If no cert is selected ISE may use self-signed certificate. If "Ignore Server Certificate validation" is enabled then it would be allowed.</P> <P>2) When you select the root CA for secure syslog. Make sure to enable it to be used with secure syslog by checking "Trust for client authentication and Syslog" option.</P> Fri, 01 Nov 2019 14:50:27 GMT https://community.cisco.com/t5/network-access-control/ise-secure-syslog-config/m-p/3951791#M456086 howon 2019-11-01T14:50:27Z