Solved: Allow Cisco ASA Firewalls to send logs to NFS servers securely.

telesymbol · ‎04-18-2023

Dears,

We've ASA 5525 for network edge security and FTD 2130 for datacenter firewall functionality.

We want these firewalls to send logs securely (encrypted) to the NFS servers we've on cloud. please advise how we can make that happen.

Rob Ingram · ‎04-18-2023

@telesymbol send syslog from the ASA to your syslog server, then export to the NFS server.

View solution in original post

Rob Ingram · ‎04-18-2023

@telesymbol FTD supports these types of external logging.

Syslog Server: Sends logs to the remote Syslog server.
SNMP trap: Sends the logs out as an SNMP trap.
E-Mail: Sends the logs via email with a preconfigured mail relay server.

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200479-Configure-Logging-on-FTD-via-FMC.html

telesymbol · ‎04-18-2023

Thanks Rob, for your response.

just to clarify things, we've a syslog server where our Cisco devices send syslog messages to, but after some time, we start running out of storage on the syslog server. As a solution we're planning to make the firewalls send syslog messages to our NFS servers which have larger storage capacity. We're requesting the community advise how we can make this happen.

Rob Ingram · ‎04-18-2023

@telesymbol as per the link above the FMC only supports external logging to syslog, snmp or email. Perhaps you continue to send logs from your FMC to your existing SYSLOG server and then export the logs from your SYSLOG server to the NFS server.

telesymbol · ‎04-18-2023

Many thanks for the FMC Rob,

Any advice for Cisco ASA 5500 firewalls?

Rob Ingram · ‎04-18-2023

@telesymbol send syslog from the ASA to your syslog server, then export to the NFS server.