Re: PIX 8.04 syslog via email - authenticated smtp?

ryancolson · ‎01-22-2011

I know that you can have the ASA email syslog events. but can you conffigure it to authenticate to the email server before sending, or is the only way to send an anonymous email?

andamani · ‎01-22-2011

Hi,

Could you please elaborate on what you want to authenticate?

are you saying you want to authenticate the mail sent i.e. contents of the mail or the from where it is sent i.e. ASA.?

Regards,

Anisha

ryancolson · ‎01-22-2011

I want the PIX to authenticate to my internal mail server before sending the syslog messages.

What would happen is this: I set the PIX to send any emergency message via email

PIX connects to my mail server, authenticates, then sends that syslog message to the network admin.

The only part of this I dont know how to do is have the PIX authenticate before sending the message.

Kureli Sankar · ‎01-23-2011

I don't believe that is possible. What you may want to do is add the PIX's ip address under the allowed IP list on your smtp server.

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/l2.html#wp1751895

hostname(config)# logging mail critical

hostname(config)# logging from-address ciscosecurityappliance@example.com

hostname(config)# logging recipient-address admin@example.com

hostname(config)# smtp-server pri-smtp-host sec-smtp-host

-KS