https://community.cisco.com/t5/network-security/sec-mon-pix-monitoring/m-p/299493#M563606 <P>Iam currently using Security Monitor 1.2.3 to monitor IDS 4235 events. I have added Cisco PIX 515 to the list fo devices to be monitored by Sec Mon. The only problem is that I am NOT getting any message from PIX in the events window.</P><P></P><P>1. The instruction did NOT state that I need to configure the PIX to send events to the Sec Mon. Do I need to do so? If so, exactly what do I need to do on the PIX so as to forward messages (events, alarms, alerts) to Sec Mon.</P><P></P><P>2. What ports must I open on the PIX so as to enable sending of messages. I suspect taht perhaps port 161 and 162? If so, please confirm.</P><P></P><P>3. While in Sec Mon, I checjed for "connections" which would give me the status of devices monitored voa Sec Mon. I only saw the IDS sensors. I suspect that perhaps PIX woudl not appear in the lsit because it is noit a RDEP device. Is that correct or shoudl I see PIX in the list.</P><P></P><P>Thanks</P><P>Ade</P><P></P> Fri, 21 Feb 2020 07:32:19 GMT infinitingr2 2020-02-21T07:32:19Z https://community.cisco.com/t5/network-security/sec-mon-pix-monitoring/m-p/299493#M563606 <P>Iam currently using Security Monitor 1.2.3 to monitor IDS 4235 events. I have added Cisco PIX 515 to the list fo devices to be monitored by Sec Mon. The only problem is that I am NOT getting any message from PIX in the events window.</P><P></P><P>1. The instruction did NOT state that I need to configure the PIX to send events to the Sec Mon. Do I need to do so? If so, exactly what do I need to do on the PIX so as to forward messages (events, alarms, alerts) to Sec Mon.</P><P></P><P>2. What ports must I open on the PIX so as to enable sending of messages. I suspect taht perhaps port 161 and 162? If so, please confirm.</P><P></P><P>3. While in Sec Mon, I checjed for "connections" which would give me the status of devices monitored voa Sec Mon. I only saw the IDS sensors. I suspect that perhaps PIX woudl not appear in the lsit because it is noit a RDEP device. Is that correct or shoudl I see PIX in the list.</P><P></P><P>Thanks</P><P>Ade</P><P></P> Fri, 21 Feb 2020 07:32:19 GMT https://community.cisco.com/t5/network-security/sec-mon-pix-monitoring/m-p/299493#M563606 infinitingr2 2020-02-21T07:32:19Z https://community.cisco.com/t5/network-security/sec-mon-pix-monitoring/m-p/299494#M563608 <HTML><HEAD></HEAD><BODY><P>Hi Ade,</P><P></P><P>You need to setup PIX to send syslog messages to the PIXMC. No ports needed to be opened. Just enable sysloging and thats it.</P><P></P><P>In the connections you will only see IDS as connected tls</P><P></P><P>Thanks</P><P>Nadeem</P></BODY></HTML> Fri, 30 Jul 2004 20:58:34 GMT https://community.cisco.com/t5/network-security/sec-mon-pix-monitoring/m-p/299494#M563608 nkhawaja 2004-07-30T20:58:34Z https://community.cisco.com/t5/network-security/sec-mon-pix-monitoring/m-p/299495#M563611 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>To set up logging from the PIX you need to specify the IP address of your sec mon server and which interface it can be reached through</P><P></P><P>e.g. logging host inside 10.0.0.1</P><P></P><P>Set your logging severity</P><P></P><P>e.g. logging trap debugging</P><P></P><P>This will send all debug messages to Sec Mon</P><P></P><P>Also remember to turn logging on!</P><P></P><P>The following link covers the logging command on the PIX</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a9.html#wp1028090" target="_blank">http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a9.html#wp1028090</A></P><P></P><P>The ports you mentioned (161 &amp; 162) are for SNMP which is not required for syslogging, plus i belive the PIX doesn't filter on traffic that's sourced from itself.</P><P></P><P>I'm afraid i haven't used security monitor so i can't comment on your other question.</P><P></P><P>Rgds</P><P>Paddy</P><P></P><P></P></BODY></HTML> Sat, 31 Jul 2004 12:38:11 GMT https://community.cisco.com/t5/network-security/sec-mon-pix-monitoring/m-p/299495#M563611 paddyxdoyle 2004-07-31T12:38:11Z