Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1049
Views
0
Helpful
5
Replies

ASA -> ROUTER -> LAN - syslog question

Go to solution
crisponions
Level 1
Level 1

‎01-11-2011 06:50 PM - edited ‎03-04-2019 11:02 AM

Hello, I am running the following config

cloud -> ASA -> ROUTER -> LAN,

I am doing NAT/PAT on the router instead of the ASA because I am bumping up against my 10 user license.

Everything is working fine, but I am having an issue trying to get the asa to log to a syslog server inside the LAN.

I have the pointed the ASA logging host to the outside IP of the router, and set up a static nat statement on the router  to forward traffic on port 514 to the internal syslog server.

It isn't working, from what I am showing the ASA isn't even trying to log to the router (no hits for the nat translation are shown in the router)

I am going about this wrong, any suggestions?

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sean_evershed
Level 7
Level 7

‎01-13-2011 04:18 AM

Do you have a spare interface on your ASA that you could configure and connect a test PC running something like Kiwi syslog to see if it will receive the syslog messages? If that works then maybe there is a problem with the NAT config.

- There are no ACLs on your LAN that could be blocking traffic?

- What is the syslog software that you are using? Is it working successfully now for other Cisco devices in your network?

- You could try configuring Netflow on your router to see if it is receiving any syslog traffic from the ASA.

Please remember to rate all posts that are helpful.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
hobbe
Level 7
Level 7

‎01-12-2011 01:23 AM

Have you enabled logging ?

have you set the right logging host ?

have you set that whatever you want to be logged ?

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml

Good luck

HTH

0 Helpful

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎01-12-2011 06:09 AM

Can you post your configs?

0 Helpful

Go to solution
sean_evershed
Level 7
Level 7

‎01-13-2011 04:18 AM

Do you have a spare interface on your ASA that you could configure and connect a test PC running something like Kiwi syslog to see if it will receive the syslog messages? If that works then maybe there is a problem with the NAT config.

- There are no ACLs on your LAN that could be blocking traffic?

- What is the syslog software that you are using? Is it working successfully now for other Cisco devices in your network?

- You could try configuring Netflow on your router to see if it is receiving any syslog traffic from the ASA.

Please remember to rate all posts that are helpful.

0 Helpful

Go to solution
crisponions
Level 1
Level 1
In response to sean_evershed

‎01-13-2011 07:05 PM

Thanks for the tips.  It turned out the be the logging server.  Tested having the router log to it

and it failed too.  Changed some configs on the syslog server and all is working as expected.

Thanks

0 Helpful

Go to solution
sean_evershed
Level 7
Level 7
In response to crisponions

‎01-13-2011 10:21 PM

Thanks for the rating and thanks for the feedback. Good to see it was a simple fix.

Cheers

Sean

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card