cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
516
Views
0
Helpful
2
Replies

Getting PIX logs in a secure way

pcavicch
Level 1
Level 1

Hello,

does anyone know any method to retrive directly from a PIX his logs in a crypted (i.e. secure) way without a VPN?

Thank you

Paolo

2 Replies 2

shannong
Level 4
Level 4

The Pix can only use syslog to send system messages. Therefore, there is no secure to receive them over the network except over a VPN tunnel. You could use a console cable to log them to a directly connected host and then use SCP to move them to the desired location. Or forward syslog over SSH from that host.

Why are you avoiding the VPN scenario? What is the problem you need to solve?

per.bergman
Level 1
Level 1

I´m not sure, because I haven´t tested it, but if you have an extra NIC in your PIX you can build a small secure LAN only for syslogging(not routed anywhere).

ip address Extra_NIC 10.0.0.1 255.255.255.252

logging host Extra_NIC 10.0.0.2

Then you should be able to set up a syslogserver (10.0.0.2) and connect it with a UTP-cable or mediaconverters + fibre if you want to physically separate the syslogserver from the PIX. The syslogserver could have 2 NICs (the other on a "non-secure" routed LAN) and SSH installed for secure access to the logfiles.

BUT as mentioned earlier: I haven´t tested this !!

Comments any ?

It would be nice to have this solution confirmed or thrown in the bin, but I don´t have access to a Lab-PIX

/ Per

Review Cisco Networking for a $25 gift card