Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
477
Views
0
Helpful
1
Replies

PIX/ASA Syslog using TCP

rlourenco
Level 1
Level 1

‎04-04-2007 10:50 PM - edited ‎02-21-2020 01:28 AM

Hi,

Reading the PIX documentation (v7.2) I can find the following regarding logging host configuration: " If you specify TCP, the security appliance discovers when the syslog server fails and discontinues sending logs"

Will the firewall recover syslog service (i.e. restarts sending logs) after the server becomes online again? or manual intervention will be needed?

Thanks in advance.

Ricardo

0 Helpful
1 Reply 1

kofflerg
Level 1
Level 1

‎04-06-2007 01:58 PM

In my experience, it won't recover, but that was with 7.0, I think. I doubt that it's changed, but it was enough to prevent using TCP logging for us. Some drops were better than no logging...however, it is possible to make the firewall stop passing traffic if logging fails, I believe, so that could be used as an avenue toward recovery, if the tradeoff is acceptable.

George

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card