FWSM, how to send mail messages when failover occurs?

andrea.meconi · ‎02-17-2012

Hello.

We are using FWSM with software version 4.1(6) with failover and multi contexts.

We need to generate and send mail notifications when failover occurs.

With this configuration we are receiving syslog only!

fw-csc/1/fw-csc1/act# sh run logg

logging enable

logging list ONLY-HA-SWITCHING message 104001-104002

logging trap ONLY-HA-SWITCHING

logging asdm informational

logging mail ONLY-HA-SWITCHING

logging from-address fw-csc1@dominio.it

logging recipient-address andrea@dominio.it level errors

logging host P2P-FW-CSC1 10.4.42.127

fw-csc/1/fw-csc1/act# sh run smtp

smtp-server 10.4.60.124

fw-csc/1/fw-csc1/act#

Any ideas?

Thanks.

Andrea

Amit Rai · ‎02-20-2012

your configuration looks correct.

you will receive the email alerts with the syslog id in the subject line when the failover occurs.

the syslog id

104001-104002 are only generated when the primary device changes there state so when you get those messages in the email that itself is an indicator that a failover has happened.

andrea.meconi · ‎02-29-2012

Many thanks.

Anyway, using the "no failover active" command to change the state I only receive syslog messages from contexts.

No mail messages are received, only logged.

Before...

fw-csc/1/fw-csc1/act(config)# sh logg | i Mail

Mail logging: list ONLY-HA-SWITCHING, 80 messages logged

fw-csc/1/fw-csc1/act(config)#

After failover...

fw-csc/1/fw-csc1/act(config)# sh logg | i Mail

Mail logging: list ONLY-HA-SWITCHING, 86 messages logged

fw-csc/1/fw-csc1/act(config)#

Capture does not show any packets.

Any ideas?

Regards.

Andrea