We have an IPsec s2s tunnel between two FTD units (one physical, one virtual). When you do show cry ipsec sa peer X.X.X.X, there's a part in the output that shows you the IPsec overhead. But it shows two values and that's what is confusing me. See be...

When configuring a remote server destination for syslog messages on Firepower chassis manager (or any UCS-like chassis for that matter), is it possible to send to another port other than 514? For example, UDP 5145 or something similar?