Config question

[rtiv]

I have a PIX520 which resides on a seperate network at a different physical location. That network is 172.20.110.x
I'm trying to set up syslogging so that all messages are sent to a host on the 172.22.0.0 network. I've gone in and put in:

logging host inside 172.22.5.251 udp/2002

which took fine. I know need to figure out what the exact line entry would be to open up udp/2002 so that it can send those messages to the 172.22.0.0 network. This would be coming through the inside interface as that talks to a 2600 router which is configured with a PTP T1 over to another 200 router at my facility (the 172.22.0.0 network).

Can anyone relay the exact statemnet to put on the PIX520 so that I can start seeing these messages ?

Many Thanks

 

[sunyasee]

Can you ping this machine from your PIX?
If not you need to sort out the route statements (or check you allow ICMP through the router)

Also, have you entered the 'logging trap' command to define the type of info you'd like to log?

 

[rtiv]

Hi,

I just tried pinging the host where the syslog server is running and I can't get to it. If I look at the config however, I have the following statement:

conduit permit icmp any any

no logging trap

 

[Stoker]

Have you got the route inside entered on the PIX.

route inside 172.22.0.0 255.255.0.0 172.20.110.x 1

destination network/subnet mask /router ip address/hops

I hope this helps resolve your issue.