Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
516
Views
0
Helpful
2
Replies

Getting PIX logs in a secure way

pcavicch
Level 1
Level 1

‎04-01-2003 05:40 AM - edited ‎02-20-2020 10:39 PM

Hello,

does anyone know any method to retrive directly from a PIX his logs in a crypted (i.e. secure) way without a VPN?

Thank you

Paolo

0 Helpful
2 Replies 2

shannong
Level 4
Level 4

‎04-01-2003 08:25 AM

The Pix can only use syslog to send system messages. Therefore, there is no secure to receive them over the network except over a VPN tunnel. You could use a console cable to log them to a directly connected host and then use SCP to move them to the desired location. Or forward syslog over SSH from that host.

Why are you avoiding the VPN scenario? What is the problem you need to solve?

0 Helpful

per.bergman
Level 1
Level 1

‎04-02-2003 03:59 AM

I´m not sure, because I haven´t tested it, but if you have an extra NIC in your PIX you can build a small secure LAN only for syslogging(not routed anywhere).

ip address Extra_NIC 10.0.0.1 255.255.255.252

logging host Extra_NIC 10.0.0.2

Then you should be able to set up a syslogserver (10.0.0.2) and connect it with a UTP-cable or mediaconverters + fibre if you want to physically separate the syslogserver from the PIX. The syslogserver could have 2 NICs (the other on a "non-secure" routed LAN) and SSH installed for secure access to the logfiles.

BUT as mentioned earlier: I haven´t tested this !!

Comments any ?

It would be nice to have this solution confirmed or thrown in the bin, but I don´t have access to a Lab-PIX

/ Per

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card