09-16-2008 09:44 AM
Hello everyone.
I know this topic has been discussed previously:
but, I have an additional question/concern regarding this setup. I also currently have the ASA pairs configured where only the active is configured with both IPS added. This is fine. The problem I have is a potential to miss syslog information regarding failover in the case of the standby ASA thinking it needs to become active and the Active not knowing about it. This has happened due to a topology problem and it would have been helpful to have logs from the Standby ASA archived. I know I can't add it through a discover because of the name discrepancy, but I can add it as a device so that it receives logs from the ASA. An additional problem with this is that, since I can't discover it, it can't recognize the names, etc... being sent through syslog (objects, etc). Has anyone successfully added an ASA in this situation? If not, I think this would be a helpful feature.
Thank you,
Jeff Groesbeck
09-16-2008 10:57 AM
AFAIR ASA 8.x introduced different hostname for both faiover units, did you try that?
Regards
Farrukh
09-16-2008 11:11 AM
Hello.
I wasn't aware of this. I tried searching for this and was unsuccessful. Do you have a link I could look at for this?
Thank you,
Jeff
09-16-2008 11:44 AM
I'm sorry, I think I did not remember this correctly. I just went through the 8.x release notes and 8.0 Cisco TAC CTU training slides and could not locate such a feature. Maybe I was dreaming :)
Regards
Farrukh
09-17-2008 05:52 AM
That's OK. That would be a nice feature though. :)
Thanks,
Jeff
09-23-2008 06:55 AM
I would say that you can just have the failover asa send syslog to mars then sort through the "unknown reporting device" logs looking for the ip of that asa. Or you can setup a syslog daemon on another computer and have it record the syslogs there.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide