«

Hello,

I am trying to pass syslog from outside interface to server that sits
behind pix firewall. Details as follows.

Cisco2811
192.168.1.1 (LAN)
255.255.255.0
Kiwi Syslog on UDP port 514


Cisco Pix
192.168.1.2 (Outside Interface)
192.168.150.1 (Inside Interface)
255.255.255.0


Syslog sitting on:
192.168.150.27
255.255.225.0


I setup the 2811 to pass the syslog to 192.168.1.2
Trying to get the Pix to route all inbound UPD 514 traffic from the
Cisco 2811 to 192.168.150.27. I would like to keep the outside Cisco
2811 traffic visable in the syslog so I can tell between Pix, 2811,
and VPN 2005 that is logging to..


Here is the deal. The syslog is listeniing on UDP 514. All other
network devices are
logging to this port. (VPN,PIX, 2950's, Aironet)The Cisco 2811 is
setup for logging but nothing
comes through on UDP 514. When I allow all UDP traffic from Cisco
2811
through Pix firewall to syslog it works. It would not be good to
allow
all UDP traffic. What gives here? Anyone with suggestion of feedback
on this? I researched and could not find anything helpful.

Thanks!

In article < .com>,
pix help <> wrote:
> I am trying to pass syslog from outside interface to server that sits
>behind pix firewall. Details as follows.

>Cisco2811
>192.168.1.1 (LAN)
>255.255.255.0
>Kiwi Syslog on UDP port 514

No, you cannot run Kiwi Syslog on the Cisco 2811. You can only
configure the 2811 to send syslog information to somewhere, and that
somewhere might happen to be running Kiwi Syslog.

>Cisco Pix
>192.168.1.2 (Outside Interface)
>192.168.150.1 (Inside Interface)
>255.255.255.0

>Syslog sitting on:
>192.168.150.27
>255.255.225.0

static(inside,outside) udp interface 514 192.168.150.27 514
access-list out2in permit udp host 192.168.1.1 interface outside eq 514
access-group out2in in interface outside

On Jan 31, 10:29 am, "pix help" <listserve2...@patmedia.net> wrote:
> Hello,
>
> I am trying to pass syslog from outside interface to server that sits
> behind pix firewall. Details as follows.
>
> Cisco2811
> 192.168.1.1 (LAN)
> 255.255.255.0
> Kiwi Syslog on UDP port 514
>
> Cisco Pix
> 192.168.1.2 (Outside Interface)
> 192.168.150.1 (Inside Interface)
> 255.255.255.0
>
> Syslog sitting on:
> 192.168.150.27
> 255.255.225.0
>
> I setup the 2811 to pass the syslog to 192.168.1.2
> Trying to get the Pix to route all inbound UPD 514 traffic from the
> Cisco 2811 to 192.168.150.27. I would like to keep the outside Cisco
> 2811 traffic visable in the syslog so I can tell between Pix, 2811,
> and VPN 2005 that is logging to..
>
> Here is the deal. The syslog is listeniing on UDP 514. All other
> network devices are
> logging to this port. (VPN,PIX, 2950's, Aironet)The Cisco 2811 is
> setup for logging but nothing
> comes through on UDP 514. When I allow all UDP traffic from Cisco
> 2811
> through Pix firewall to syslog it works. It would not be good to
> allow
> all UDP traffic. What gives here? Anyone with suggestion of feedback
> on this? I researched and could not find anything helpful.
>
> Thanks!

Update the syslog is sitting on server behind Pix. Still cant log from
2811 to syslog server behind pix. Any help appreciated.