We have enabled logging to a syslog server. This works fine for a few minutes to an hour sometimes. But inevitably something hangs. I know the PIX has hung because all internet traffic stops. No one can get in or out using the internet. I don't know about other routing such as SMTP, etc. Never checked because I have to get internet back online ASAP.
Any ideas what I'm doing wrong? I need to get VPN logging activated, but as soon as I turn it on, the PIX hangs.
Is it possible that you are running out of memory? Is it a PIX 501? Have you tried adjusting the logging queue parameter?
Are you using UDP logging or TCP logging? UDP logging will just start throwing away messages if they can't be handled, but TCP logging is -intended- to stop traffic flow if it is unable to get an ACK from the logging socket.
If you only need particular kinds of logs, you could use a whole lot of "no logging message" to disable the generation of all the messages except the ones you need. Alternately with PIX 6.3 and later, you can use "logging message" to boost the level at which specific messages are logged, and then you can adjust the "logging trap" level to log less. For example, you could set "logging trap" to level 2 so that for the most part you only log messages that the PIX considers high priority, but you could tweak something that would normally be logging level 4 so that it logs at level 2 instead, thus logging it while the rest of the level 4 messages were not logged.
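The settings discussed in this thread, put together as an added PIX 6.3 configuration sketch (not posted by anyone in the thread). The interface name `inside`, the server address 192.0.2.10, the queue size and the message ID 106023 (a level 4 message, used only as a stand-in for whichever messages are actually wanted) are assumed sample values.

```cisco
: Added example; the interface, address, queue size and message ID are sample values.
logging on

: UDP syslog (the default transport): if the server cannot keep up,
: messages are dropped and traffic keeps flowing.
logging host inside 192.0.2.10

: TCP syslog for comparison: the PIX is intended to stop passing traffic
: when the server stops acknowledging, so it is left commented out here.
: logging host inside 192.0.2.10 tcp/1470

: Send only level 2 and more severe messages to the syslog server.
logging trap 2

: Raise one message that is normally level 4 to level 2 so it still
: passes the trap filter while the other level 4 messages do not.
logging message 106023 level 2

: Size of the queue that holds messages waiting to be sent.
logging queue 1024
```

`show logging` and `show logging queue` display the resulting settings and the queue statistics.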