RE: [fw-wiz] pix firewall - failover and logging issues

From: Petreski, Samuel (spetreski@highpoint.edu)
Date: 01/28/03


From: "Petreski, Samuel" <spetreski@highpoint.edu>
To: "Luciano Z" <user_luciano@yahoo.com.br>, <firewall-wizards@honor.icsalabs.com>
Date: Tue Jan 28 14:18:01 2003


I have enabled logging level 7 on my PIX, which means it logs everything. The only issue is if you have enough disk space on your logging server. I have not seen any performance degradation on the firewall side and my logs average about 300 MB a day!

Samuel Petreski, CCNA, MCSA
High Point University
(336) 841-9290
 

-----Original Message-----
From: Luciano Z [mailto:user_luciano@yahoo.com.br]
Sent: Tuesday, January 28, 2003 2:03 PM
To: firewall-wizards@honor.icsalabs.com
Subject: [fw-wiz] pix firewall - failover and logging issues

Hi!

I have two questions about pix firewall for the list.

The first one is directed to failover users. I┤m using
a pix with version 6.1(1) software and with stateful
failover (I think this version needs update, right?).
From time to time I experiment lost of ssh connection
to the active pix because it have changed from active
state to standby state. I couldn┤t find the reason for
this because we just checked the cables and it was
operating well before I create another subnet attached
to this firewall, changing the address of and unused
interface.

In this situation I┤m not using LAN based failover
(this version doesn┤t support it) so the I have the
serial cable in place. Someone had some problem that
looks like my? Is it possible to start looging to the
syslog server just the messages related to failover
events?

Second question, this is about logging of URL access.
I┤ve read the pix could log the URLs accessed by the
users on a protected network. My question is about the
performace impact of this feature. Anybody used this?
What was the impression about it? And again: Is it
possible to log just the events related to this?

Well, thanks for your time!

[]
Luciano

_______________________________________________________________________
Busca Yahoo!
O servišo de busca mais completo da Internet. O que vocŕ pensar o Yahoo! encontra.
http://br.busca.yahoo.com/
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards