Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1035
Views
0
Helpful
4
Replies

ASA logging problem - not able to send logs to a remote server

TheBelphegor
Level 1
Level 1

‎03-04-2021 02:03 AM

Hi team, 

 

Hopefully someone help with the problem that I am facing for quite some time... So I have three ASA devices in three different locations (different parts of the world), also I have a logging server on Azure. The goal is to make all three ASA FWs send their logs to that logging server on Azure. 

 

I configured the same configuration on all three devices, and only one of the devices is sending logs to the remote logging server. 

 

Other FWs are not able to send logs, and when I do "show log" I get an output that the logging server is not connected?

 

Anyway I guarantee that everything is configured the same way on all devices, also everything is allowed, there is nothing that could stop the traffic from going to a remote logging server. 

 

Also, in the logs I can see the following: 

 

Routing failed to locate the next hop for TCP from identity: x.x.x.x

 

If anyone can help with this I would really appricate that. 

0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎03-04-2021 02:08 AM

Make sure you have a route available to reach the Azure IP address from ASA source IP.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

TheBelphegor
Level 1
Level 1
In response to balaji.bandi

‎03-04-2021 03:23 AM

Hi BB, 

 

Thank you for your reply, I have a route to Azure, I can even reach that server on Azure from the server that is connected to inside interface on ASA... 

 

Any other suggestion?

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to TheBelphegor

‎03-04-2021 03:36 AM

Azzure is outside right? you should have a route outside?

 

until I am getting wrong, do you have inside extended to Azzure.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

TheBelphegor
Level 1
Level 1
In response to balaji.bandi

‎03-04-2021 03:58 AM

Hi BB, 

 

Yes, Azure is outside so this is how it looks like:

 

Azure - (VTI VPN) - DC ASA - (IPsec IKEv1) - onsite ASA 

 

Again the same configuration works for other ASA with the same setup. 

 

 

Output of the show logg command on the ASA where logging works:

Logging to inside 172.16.5.5 tcp/5514 Connected TX:3144701

 


Output of the show logg command on the ASA where logging is not working:

Logging to inside_data 172.16.5.5 tcp/5514 Not connected since Fri, 19 Feb 2021 17:50:37 CET

 

What do you mean inside extended to Azure?

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card