fir3net

PPS-Firenetbanner-780.5x190-30-03-17

  • Home
  • Articles
  • Firewalls
  • Cisco
  • Cisco ASA - Traffic blocked when TCP syslog server is unreachable

Cisco ASA - Traffic blocked when TCP syslog server is unreachable

Issue

When the transport mechnism TCP is configured for Syslog (trap logging) and the Cisco ASA is unable to reach the designated syslog server, the security appliance will prevent any further new network sessions.

Solution

In order to ensure that the status of a TCP-based syslog server is irrelevant to new sessions the following command is used within the global configuration mode,

(config)# logging permit-hostdown

Tags: ASA, TCP