Note 1. Reference document: "Configuring Linux as a log server host for PIX, Cisco and Huawei devices"; I have forgotten the author's name.
Note: during debugging I received a great deal of guidance from the forum user "beginner photography"; thank you again!
Environment: PIX515E, Redhat 8.0
First, Linux configuration:
1. vi /etc/sysconfig/syslog (press i to enter vi's editing mode; when editing is complete, press ESC to return to command mode, then type :wq to save and exit, or :q to exit without saving)
Change the line:
Code:
SYSLOGD_OPTIONS="-m 0"
to:
Code:
SYSLOGD_OPTIONS="-r -m 0"   # -r allows messages from remote hosts to be written to messages
2. vi /etc/syslog.conf
Add the following to record all logs for local4 (the default facility corresponding to the PIX) to /var/log/pix.log:
Code:
# Save pix messages all to pix.log
local4.*    /var/log/pix.log
3. To keep the log from growing too large, configure log rotation (run man logrotate for detailed help)
vi /etc/logrotate.conf
Add the following:
Code:
# system-specific logs may be also be configured here.
/var/log/pix.log {
    weekly
    rotate 4
}
4. Restart the syslog service:
[root@localhost etc]# service syslog restart
Second, PIX configuration:
Code:
PIX
PIX
PIX
PIX
PIX
PIX# sh logging    // check whether logging is currently enabled
PIX# wr mem        // save the configuration
Third, verifying success and troubleshooting:
1. Run sh logging in PIX enable mode to check whether logging is turned on:
Code:
PIX# sh logging
Syslog logging: enabled
    Facility: 20
    Timestamp logging: disabled
    Standby logging: disabled
    Console logging: disabled
    Monitor logging: disabled
    Buffer logging: disabled
    Trap logging: level warnings, 373000 messages logged
        Logging to inside 192.168.0.1
    History logging: disabled
    Device ID: disabled
PIX#
2. On Linux, run
[root@localhost etc]# tail -f /var/log/pix.log
to check whether log entries are arriving. Press Ctrl+C to exit.
3. Troubleshooting and lessons learned:
The following are the errors encountered during debugging:
(1) To enable [disable] the syslog logging service: in PIX configuration mode, run [no] logging on.
(2) No log entries appear when running tail -f /var/log/pix.log:
Through carelessness, the facility on the PIX side had been configured as 4, so no logs were output. Log in to the PIX and, in configuration mode, run logging facility 20.
A network problem between Linux and the PIX can also prevent logs from arriving. The PIX could not be pinged from the Linux host, although the Linux host could be pinged from the PIX side; later checking showed that the firewall was the cause. If you hit this problem, you can stop the firewall service on Linux by running [root@localhost etc]# service iptables stop
(3) During configuration, carelessness, such as mistyping a command you know perfectly well, is another cause of failure. In addition, if there is something you do not understand during configuration, you can refer directly to the official website; for the PIX, for example, see http://www.cisco.com, which has the most material and is also the most authoritative.
(4) If you are unsure whether something in the configuration is wrong, check whether you have missed a command, consult the official documentation, search the forums for how others solved the same problem, and exchange ideas with other users.
Since I am also a newcomer and know only a little about Linux, your advice is welcome; let's exchange ideas and learn from each other.
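The facility mismatch from troubleshooting item (2), as an added example that is not part of the original post: it decodes the PRI field of a syslog datagram and evaluates the `local4.*` selector from /etc/syslog.conf against it. The function names are hypothetical, the two datagrams are constructed, and it assumes the PIX places the configured facility number directly into the PRI field.

```python
import re

# Facility codes as defined in <syslog.h> / RFC 3164; 16-23 are local0-local7.
FACILITIES = (["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
               "uucp", "cron", "authpriv", "ftp"]
              + ["reserved%d" % n for n in range(12, 16)]
              + ["local%d" % n for n in range(8)])
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]


def decode_pri(datagram):
    """Return (facility_name, severity_name) from the <PRI> prefix of a datagram."""
    m = re.match(rb"<(\d{1,3})>", datagram)
    if not m or int(m.group(1)) > 191:
        raise ValueError("missing or out-of-range PRI field")
    facility, severity = divmod(int(m.group(1)), 8)
    return FACILITIES[facility], SEVERITIES[severity]


def selector_matches(selector, facility, severity):
    """Evaluate one simple syslog.conf selector such as 'local4.*' or 'auth.warning'."""
    sel_fac, sel_pri = selector.split(".", 1)
    if sel_fac not in ("*", facility):
        return False
    if sel_pri == "*":
        return True
    if sel_pri == "none":
        return False
    # A named priority matches that severity and anything more severe (lower number).
    return SEVERITIES.index(severity) <= SEVERITIES.index(sel_pri)


def route(datagram, selector="local4.*"):
    """Report whether syslogd would write this datagram to the file behind `selector`."""
    facility, severity = decode_pri(datagram)
    return facility, severity, selector_matches(selector, facility, severity)


# Constructed datagrams (not captured from a device). PRI = facility * 8 + severity.
GOOD = b"<164>%PIX-4-000000: constructed sample, logging facility 20"  # 20*8 + 4
BAD = b"<36>%PIX-4-000000: constructed sample, logging facility 4"     # 4*8 + 4

if __name__ == "__main__":
    for pkt in (GOOD, BAD):
        print(pkt[:5], route(pkt))
```

With facility 4 the message arrives tagged as auth rather than local4, so it never reaches /var/log/pix.log even though the network path and the -r option are working.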