01-15-2002 05:53 PM - edited 02-20-2020 09:57 PM
Hi All,
Did someone ever encounter PIX problem when the pix configured for the syslog server with tcp port ?
I encountered this problem when I configured the pix for syslog server with tcp port..the command is logging host (in_if) (host_ip) [tcp/port_number].
Actually there is no problem when the syslog server was up. But when I shut down the server..the pix suddenly can not route packet from inside to outside..but if I did pinging from pix to outside and inside are ok..only if I pinged from inside network, servers which are in inside network, the packets are stopped at pix. the pix image version is 5.1(2). is there any bugs on that version ??
I will really appreciate if some one can helps...
thanks and regards
01-16-2002 02:07 AM
This is a feature of the pix when syslogging with TCP.
When the PIX can no longer log to the server, whether because the disk is full or the server is offline, TCP traffic is stopped.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/config/config.htm#xtocid2803660
Use the default UDP if you do not wish this to happen.
01-17-2002 12:33 AM
Hi,
thanks for your respon...how about If I use this command logging host (in_if) (host_ip) [udp/port_number]. I use udp instead of tcp. Is that okay ?? Will all the udp packets stop ???
Regards
01-19-2002 12:30 AM
there is no need to state UDP
It will default to udp 514 as stated in the command ref below
http://cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_60/config/commands.htm#xtocid605042
If you use udp (default) to syslog, if the syslog server becomes unavailable, the traffic will still flow through the PIX. All that will happen is that there will be no logs until the server is brought back online.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide