I have a PIX 515E running FOS version 6.3. I have had logging enabled on this firewall for a couple of months now. I have an instance of SysLogDamon running on a Windows 2003 Standard Edition Server located directly behind the PIX. I had to reboot the server that was running the syslog daemon service late last night. Once the syslog server was offline, I was unable to access any of the servers behind this firewall. I made a trip to my collocation center and realized that the syslog service was not receiving any logging information and the last log entry was moments before my reboot. The syslog service was running but not receiving any information. When I ran the no logging on command on the PIX and then gave the firewall a reboot, all my services returned to normal.
After I had everything settled down, I tried to turn on the logging once again on my PIX. I entered the logging on command, and the moment I committed my change I was again unable to access anything behind the firewall, and the syslog server still was not receiving any information. While on the servers located behind the firewall, I was unable to access anything outside my firewall. I was, however, able to ping an outside address from the PIX itself while this issue was occurring. I was also able to ping my internal servers from the PIX during this issue. To remedy this issue, I once again turned off the PIX logging and rebooted the firewall. Again, all my services returned to normal.
Here is the logging section of the config file from the firewall:
logging buffered critical
logging trap informational
logging queue 1024
logging host inside 192.168.100.70 6/1468
Has anyone ever had a similar experience? I'm not sure if there is something off in my config or if this may be a sign of a bigger issue to come. I'll be glad to supply more config info if it is required.
Thanks in advance,
jmdowling