Allow user traffic to pass when TCP syslog server is down


Can’t reach the internet after enabling syslogging on ASA

Posted on 29 August 2019 by Beaming Support

This is something to watch out for when you’re setting up something as simple as syslog.

Setting up syslog should not alter how the ASA processes packets. However, by default, when you configure the ASA to send its logs to a syslog server over TCP, the ASA will drop user traffic if that server is not available.

There is a way around this: tick the field labelled “Allow user traffic to pass when TCP syslog server is down”.

With this option enabled, traffic can pass through the ASA even if the syslog server is down. Note that this does not apply to UDP: if the ASA cannot deliver logs to the syslog server over UDP, there is no interruption.
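The same condition can be checked from a saved running-config. The script below is an added example, not part of the original post: it assumes the CLI equivalent of the checkbox is `logging permit-hostdown` and that TCP destinations appear as `logging host <interface> <ip> tcp/<port>` (or `6/<port>`); the sample configs, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample configs (not from the original post); 192.0.2.x are documentation addresses.
RISKY = """\
logging enable
logging trap informational
logging host inside 192.0.2.10 tcp/1470
logging host inside 192.0.2.11
"""
SAFE = RISKY + "logging permit-hostdown\n"

# logging host <interface> <ip> [transport]; the transport field is optional.
HOST_RE = re.compile(r"^logging host (\S+) (\S+)(?: (\S+))?", re.M)


def tcp_syslog_hosts(config):
    """Return (interface, ip, transport) for each TCP syslog destination."""
    hosts = []
    for iface, ip, transport in HOST_RE.findall(config):
        # Assumption: no transport keyword means UDP; TCP is written tcp/<port> or 6/<port>.
        if transport.lower().startswith(("tcp", "6/")):
            hosts.append((iface, ip, transport))
    return hosts


def audit(config):
    """Return one finding per TCP syslog host that can interrupt user traffic."""
    # Anchored at line start, so "no logging permit-hostdown" does not count.
    if re.search(r"^logging permit-hostdown\s*$", config, re.M):
        return []
    return [
        f"{ip} via {iface} ({transport}): user traffic is dropped if this "
        "server is down; add 'logging permit-hostdown'"
        for iface, ip, transport in tcp_syslog_hosts(config)
    ]


if __name__ == "__main__":
    for name, cfg in (("risky", RISKY), ("safe", SAFE)):
        print(name, audit(cfg) or "no fail-closed TCP syslog dependency")
```

With the option enabled, log messages generated while the TCP syslog server is unreachable may be lost, so monitor the server's availability separately.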
