cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1624
Views
0
Helpful
1
Replies

ISE Secure Syslog Config

Cengiz Savas
Level 1
Level 1

Hello ISE experts,

 

we are running a large ISE deployment with ISE 2.4 Patch 10 in our environment.

We have decided to use Secure Syslog for inter cluster logging and disabled UDP and TCP logging.

But we run in two issues;

 

1) We were able to configure secure syslog without cert selection. My exception was to get an error message.

With no cert selection I was able to receive live logs in ISE. Is this still a secure syslog connection?

 

2) When I select the trusted cert in Secure Syslog GUI (all node are signed with the same cert) I don't get any live logs in ISE. When I select "Ignore Server Certificate validation" then I will receive live logs.

 

Thanks in advance for your input and comments.

Cengiz

1 Accepted Solution

Accepted Solutions

howon
Cisco Employee
Cisco Employee

1) If no cert is selected ISE may use self-signed certificate. If "Ignore Server Certificate validation" is enabled then it would be allowed.

2) When you select the root CA for secure syslog. Make sure to enable it to be used with secure syslog by checking "Trust for client authentication and Syslog" option.

View solution in original post

1 Reply 1

howon
Cisco Employee
Cisco Employee

1) If no cert is selected ISE may use self-signed certificate. If "Ignore Server Certificate validation" is enabled then it would be allowed.

2) When you select the root CA for secure syslog. Make sure to enable it to be used with secure syslog by checking "Trust for client authentication and Syslog" option.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: