Hello!

To Neal Rauhauser: If you don't specify a source port, the PIX (OS 6.x) will
send syslog messages from UDP port 514! You can change this to any port
in the range 1025-65535, for example: logging host inside 192.168.11.4 udp/1025

So I think this is not a problem, if the FreeBSD syslogd expects the packets
to be sourced from UDP port 514.
----------------

To Elijah Savage: Did you check the connection between the syslog host and the
PIX inside interface, and the IP addresses and mask? If they are correct, then
the problem will be in the FreeBSD syslogd config, because your PIX config is
good.

Bye, HT!

-----Original Message-----
From: Neal Rauhauser [mailto:[EMAIL PROTECTED]]
Sent: Saturday, August 10, 2002 11:38 AM
To: [EMAIL PROTECTED]
Subject: Re: Pix logging to a Freebsd syslog server [7:51124]


The Cisco logging facility on a router uses a random high port as the
source for the syslog packets. I assume the PIX is the same since you're
having trouble. The FreeBSD syslogd expects the packets to be sourced
from port 514. You can try the flag that supposedly allows syslogd to
take random source ports, but it doesn't work :-(

  I'd strongly suggest you do what I did - just modify the syslogd
source so it doesn't check source port, compile it, then install.

  If that is beyond your C programming skills drop me a note and I can
email you the bungholed syslogd.c file and you can take it from there.

 

Elijah Savage III wrote:
> 
> Can anyone help me out with a PIX logging to a Freebsd syslog server. I
> thought I was sure about setting this up but I am not getting any
> messages on the server, see my configs below.
> 
> logging on
> 
> logging timestamp
> 
> logging trap debugging
> 
> logging facility 23
> 
> logging host inside 192.168.11.4
> 
> FreeBSD
> 
> local7.debug                                    /var/log/cisco.all
> 
> I also started syslogd with these parameters
> 
> 29612  ??  Ss     0:00.03 syslogd -a 192.168.11.2/255.255.255.0
-- 
Neal Rauhauser CCNP, CCDP                       voice: 402-301-9555
mailto:[EMAIL PROTECTED]                     fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51134&t=51124
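
Added example, not part of the original thread and not syslogd's own code: a small Python model of the `-a` allowed-peer check as documented in the FreeBSD syslogd(8) man page (`ipaddr/masklen[:service]`, default service `syslog`, `*` for any source port), showing how the source port discussed above decides whether a datagram is accepted. The PIX inside address 192.168.11.2, the sample rules and the helper names are assumptions; IPv4 only.

```python
import ipaddress

SYSLOG_PORT = 514  # the "syslog" UDP service, the documented default for -a


def parse_allowed_peer(spec):
    """Parse 'ipaddr/masklen[:service]' into (network, port).

    port is None when the service is '*', meaning any source port.
    """
    net_part, _, service = spec.partition(":")
    # strict=False: host bits may be set, only masklen bits are compared
    network = ipaddress.ip_network(net_part, strict=False)
    if service in ("", "syslog"):
        port = SYSLOG_PORT
    elif service == "*":
        port = None
    else:
        port = int(service)
    return network, port


def peer_allowed(spec, src_ip, src_port):
    """Return True if a datagram from src_ip:src_port passes this -a rule."""
    network, port = parse_allowed_peer(spec)
    if ipaddress.ip_address(src_ip) not in network:
        return False
    return port is None or src_port == port


def explain(spec, src_ip, src_port):
    verdict = "accept" if peer_allowed(spec, src_ip, src_port) else "drop"
    return f"-a {spec:<22} {src_ip}:{src_port:<5} -> {verdict}"


if __name__ == "__main__":
    # Constructed cases: the PIX (assumed 192.168.11.2) sending from 514 and 1025
    cases = [
        ("192.168.11.2/24", "192.168.11.2", 514),        # default service, port 514
        ("192.168.11.2/24", "192.168.11.2", 1025),       # udp/1025 on the PIX side
        ("192.168.11.2/24:*", "192.168.11.2", 1025),     # any source port allowed
        ("192.168.11.2/24:1025", "192.168.11.2", 1025),  # rule pinned to one port
        ("192.168.11.2/24:*", "10.0.0.5", 514),          # outside the allowed net
    ]
    for spec, ip, port in cases:
        print(explain(spec, ip, port))
```

With `:*` the source port no longer filters anything, so the network part of the rule should be kept as narrow as possible, since UDP source addresses are not authenticated.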