
syslog outside traffic through firewall

k.langley
Level 1

I have a question as to the best way to perform the task of sending syslog to my logging server on the inside of my network.

I have a couple of routers and a DMZ with some devices in it that I need to collect log info from. I have a 5525X connected to the external router and my syslog server sits inside the ASA. If my syslog server is 192.168.20.71 UDP port 514, would I want to run straight through the firewall? It doesn't seem quite right to me to send internal IP traffic through the ASA.

Any suggestions how I'd perform this?

1 Reply

David White
Cisco Employee

When you say you have a DMZ, is this a different interface on the ASA (so you would have Outside, Inside, and DMZ)? If so, it is perfectly fine to send syslog traffic in the DMZ interface of the ASA and out the Inside.

You essentially want to take the most direct path to the syslog server (and the most secure). If there are devices/networks between the logging device and the syslog server which you do not control, then you can always establish a VPN tunnel over the insecure network to get your logs securely back to your internal network.

Sincerely,


David.
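
A configuration sketch for the DMZ-to-Inside path described in the reply above, added here as an example and not taken from either poster. It assumes an ASA interface named `dmz`, a hypothetical ACL name `DMZ_IN`, and two constructed DMZ device addresses (172.16.10.11 and 172.16.10.12); only the syslog server address 192.168.20.71 and UDP port 514 come from the question.

```cisco
! Added example: restrict DMZ-to-Inside logging to UDP/514 from known senders.
! Object, group and ACL names are hypothetical; DMZ host addresses are constructed.

object network SYSLOG-SRV
 host 192.168.20.71

object-group network DMZ-LOG-SOURCES
 network-object host 172.16.10.11
 network-object host 172.16.10.12

! Permit only syslog (UDP 514) from the listed DMZ devices to the server.
access-list DMZ_IN extended permit udp object-group DMZ-LOG-SOURCES object SYSLOG-SRV eq syslog

! Explicit deny with logging, so any other DMZ attempt to reach the
! syslog server shows up in the ASA's own logs.
access-list DMZ_IN extended deny ip any object SYSLOG-SRV log

! Any other traffic the DMZ legitimately needs must also be permitted in
! this ACL: once it is bound, everything not matched is dropped by the
! implicit deny at the end.
access-group DMZ_IN in interface dmz
```

Running `packet-tracer input dmz udp 172.16.10.11 514 192.168.20.71 514` on the ASA shows whether the resulting rule set permits the flow. If an ACL is already bound inbound on the DMZ interface, add the permit line to that ACL, since an interface takes only one inbound ACL.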
