Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2095
Views
0
Helpful
3
Replies

Issues configuring FTP logs for CISCO ASA 5506X

Peter Brady
Level 1
Level 1

‎04-16-2020 07:50 PM

Hi all,

I am trying to setup my ASA to export buffer logs an an FTP server. So far I have

  1. Setup and FTP server and tested it, with a dedicated user and location for the ASA.
  2. Configured the exporting of logs via the ASDM (Configuration -> Device Management -> Logging -> Logging Setup -> Configure FTP Settings...) with the details:
    • SERVER IP: XXX.XXX.XXX.XXX
    • PATH: /
    • USERNAME: <username>
    • PASSWORD: <password>
    • CONFIRM: <password>

Now it isn't working. So as my next step I tried sending an individual file to the serve rusing the command line (via the ASA). I tried this command:

  • copy disk0:/startup-config ftp://<username>:<password>@XXX.XXX.XXX/

But I am getting this result (and yes, startup-config appears when I do dir disk0:/) :

  • Source filename [startup-config]?
    ?Bad filename
    %Error parsing filename (No such device)

So yeah I'm a bit lost. As a followup, is this the best way to do FTP logging from an ASA, or is there something better? This just seemed like the simplest. 

Thanks!

Labels:
0 Helpful
3 Replies 3

marce1000
VIP
VIP

‎04-17-2020 12:33 AM

 

 - As far as the test with the startup-config some suggestions 1) Append a target-filename-destination to the end of the command too 2) Have a test with disk0:/ removed from the copy command 3) To check if the error relates to the behavior of the FTP server or not , check it's logs when this is tried. In that way it can be verified if the ASA made a connection to the FTP host or not.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Peter Brady
Level 1
Level 1
In response to marce1000

‎04-19-2020 06:35 PM

Hi @marce1000 thanks for the response, I have tried as you suggested.
1) Tried doing that, includinng after trying steps in 2 & 3, with no result.
2) This did make a difference. So with my new command:

copy startup-config ftp://<username>:<pw>@<ip-address>/startup-config

I got this in response

Address or name of remote host [<ip-address>]?
?Bad address or host name
%Error parsing filename (Invalid argument)

I also tried using the hostname. This would sometimes give them same error as above, but then would also sometimes give this error:

Address or name of remote host [<hostname>]?
?Bad address or host name
%Error parsing filename (Resource temporarily unavailable)

I also read somewhere that adding the interface at the end might be necessary (appending ;int=<interface-name> to the command) but this didn't change anything.

3) I increased the logging level so that it logs the entire FTP protocol. Nothing is logged when the command are sent from the ASA. 

Thanks

0 Helpful

marce1000
VIP
VIP
In response to Peter Brady

‎04-20-2020 12:06 AM

 

 - Check current software version being used, if it's old - upgrade to a recent release. Check if the problem persists afterwards.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful
Customers Also Viewed These Support Documents