cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

298
Views
0
Helpful
1
Replies
Highlighted
Beginner

PIX/ASA Syslog using TCP

Hi,

Reading the PIX documentation (v7.2) I can find the following regarding logging host configuration: " If you specify TCP, the security appliance discovers when the syslog server fails and discontinues sending logs"

Will the firewall recover syslog service (i.e. restarts sending logs) after the server becomes online again? or manual intervention will be needed?

Thanks in advance.

Ricardo

1 REPLY 1
Highlighted
Beginner

In my experience, it won't recover, but that was with 7.0, I think. I doubt that it's changed, but it was enough to prevent using TCP logging for us. Some drops were better than no logging...however, it is possible to make the firewall stop passing traffic if logging fails, I believe, so that could be used as an avenue toward recovery, if the tradeoff is acceptable.

George

Content for Community-Ad