PIX with software 6.3 permit-hostdown equivalent?

- J
- JLindsey.FW
  
  Contact options for registered users
posted
16 years ago

Wed, Jul 25, 2007 4:44 PM

I know that version 6.3 of the pix firewall software does not have the permit-hostdown command for syslogging. Does anyone know if theres an equivalent of that? We've been trying this new syslog server and were trying to work some of the bugs out that we've come across... but when it flakes out on us our internet goes down do to the fact that if logging is on on the PIX and it can't log it doesn't allow any new connections.

Long story short... does anyone know how to tell the PIX to keep working normally even when it can't log to the log server???

Justin Lindsey

R&D Network Technician Stryker Communications

Loading thread data ...

- W
- Walter Roberson
  
  Contact options for registered users
Vote on answer
posted
16 years ago

Wed, Jul 25, 2007 7:30 PM

Use udp syslog (the default). The PIX will only halt traffic flow if it is unable to log to a tcp syslog server. With udp it doesn't even get told whether the message made it as far as the syslog server.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.