Allow user traffic to pass when TCP syslog server is down

Asset 6

Can’t reach the internet after enabling syslogging on ASA

Posted on 29 August 2019 by Beaming Support

This is something to watch out for when you’re setting up something as simple as syslog.

Setting up syslog should not alter how the ASA processes packets, however by default when you configure the ASA to output its logs to a syslog server using TCP, the ASA will just drop the packets if the server is not available.

There is a way to get around this, which is to click the below field that states “Allow user traffic to pass when TCP syslog server is down”.

By clicking this button traffic will then be able to pass through the ASA even if the syslog server is down.  Please note this is not the same for UDP: if the ASA cannot pass logs to the syslog server using UDP, there would be no interruption.

Related

Subscribe & get a free Business Guide to Cyber Security

We’ll pop up in your inbox once a month with:

  • Cyber security guidance for users of all ability levels
  • FAQs from our technical support desk
  • Quick tips that boost efficiency & productivity

And we’ll send you our Business Guide to Cyber Security for free, as soon as you sign up.

  • This field is for validation purposes and should be left unchanged.