https://community.cisco.com/t5/network-security/getting-pix-logs-in-a-secure-way/m-p/120840#M638679 <HTML><HEAD></HEAD><BODY><P>I´m not sure, because I haven´t tested it, but if you have an extra NIC in your PIX you can build a small secure LAN only for syslogging(not routed anywhere). </P><P></P><P>ip address Extra_NIC 10.0.0.1 255.255.255.252</P><P>logging host Extra_NIC 10.0.0.2</P><P></P><P>Then you should be able to set up a syslogserver (10.0.0.2) and connect it with a UTP-cable or mediaconverters + fibre if you want to physically separate the syslogserver from the PIX. The syslogserver could have 2 NICs (the other on a "non-secure" routed LAN) and SSH installed for secure access to the logfiles.</P><P></P><P>BUT as mentioned earlier: I haven´t tested this !!</P><P>Comments any ? </P><P>It would be nice to have this solution confirmed or thrown in the bin, but I don´t have access to a Lab-PIX</P><P></P><P>/ Per</P></BODY></HTML> Wed, 02 Apr 2003 11:59:35 GMT per.bergman 2003-04-02T11:59:35Z https://community.cisco.com/t5/network-security/getting-pix-logs-in-a-secure-way/m-p/120838#M638576 <P>Hello, </P><P>does anyone know any method to retrive directly from a PIX his logs in a crypted (i.e. secure) way without a VPN? </P><P></P><P>Thank you </P><P>Paolo </P><P></P> Fri, 21 Feb 2020 06:39:49 GMT https://community.cisco.com/t5/network-security/getting-pix-logs-in-a-secure-way/m-p/120838#M638576 pcavicch 2020-02-21T06:39:49Z https://community.cisco.com/t5/network-security/getting-pix-logs-in-a-secure-way/m-p/120839#M638607 <HTML><HEAD></HEAD><BODY><P>The Pix can only use syslog to send system messages. Therefore, there is no secure to receive them over the network except over a VPN tunnel. You could use a console cable to log them to a directly connected host and then use SCP to move them to the desired location. Or forward syslog over SSH from that host.</P><P></P><P>Why are you avoiding the VPN scenario? What is the problem you need to solve?</P></BODY></HTML> Tue, 01 Apr 2003 16:25:46 GMT https://community.cisco.com/t5/network-security/getting-pix-logs-in-a-secure-way/m-p/120839#M638607 shannong 2003-04-01T16:25:46Z https://community.cisco.com/t5/network-security/getting-pix-logs-in-a-secure-way/m-p/120840#M638679 <HTML><HEAD></HEAD><BODY><P>I´m not sure, because I haven´t tested it, but if you have an extra NIC in your PIX you can build a small secure LAN only for syslogging(not routed anywhere). </P><P></P><P>ip address Extra_NIC 10.0.0.1 255.255.255.252</P><P>logging host Extra_NIC 10.0.0.2</P><P></P><P>Then you should be able to set up a syslogserver (10.0.0.2) and connect it with a UTP-cable or mediaconverters + fibre if you want to physically separate the syslogserver from the PIX. The syslogserver could have 2 NICs (the other on a "non-secure" routed LAN) and SSH installed for secure access to the logfiles.</P><P></P><P>BUT as mentioned earlier: I haven´t tested this !!</P><P>Comments any ? </P><P>It would be nice to have this solution confirmed or thrown in the bin, but I don´t have access to a Lab-PIX</P><P></P><P>/ Per</P></BODY></HTML> Wed, 02 Apr 2003 11:59:35 GMT https://community.cisco.com/t5/network-security/getting-pix-logs-in-a-secure-way/m-p/120840#M638679 per.bergman 2003-04-02T11:59:35Z