The URL filtering component is used with a 3rd-party
appliance. Currently only Websense and N2H2 are
supported. Sorry, not free.
--- chetanvatika <chetanvatika yahoo.co.in> wrote:
> Hi Brian and Gray,
>
> Thanks a lot, my PIX is working great now.
> Can I use URL filtering in my PIX, or if I want to
> block some sites permanently through an access-list, what
> should I do?
>
>
> Chetan
>
> ----- Original Message -----
> From: chetanvatika
> To: PIX_Firewall@yahoogroups.com
> Sent: Monday, December 19, 2005 6:32 PM
> Subject: Re: [PIX_Firewall] Re: PIX with Syslog
>
>
> Thanks Brian and Gray,
>
> I configured my Syslog server over UDP port 1058
> instead of TCP port 1058.
>
> Now it is working pretty good. Just configured it;
> give me a day to monitor, then I will give you all
> the correct response.
>
> Thanks a lot Brian and Gray.
>
> Thanks
> Chetan
>
> ----- Original Message -----
> From: Brian
> To: PIX_Firewall@yahoogroups.com
> Sent: Monday, December 19, 2005 12:34 AM
> Subject: [PIX_Firewall] Re: PIX with Syslog
>
>
> chetanvatika,
>
> So as Gary and I have both pointed out if you
> use TCP Syslog in the
> PIX and the Syslog server doesn't acknowledge
> the Syslog messages back
> to the PIX; the PIX will think the Syslog server
> is down and stop
> creating new translations. This means no new
> sessions can be created
> by the PIX. You can use the command "logging
> permit-hostdown" to make
> the PIX with syslog set for TCP act the same as
> syslog set for UDP.
>
> My recommendation is that unless you have a
> security policy that says
> "if we can't log traffic, then we shouldn't pass
> traffic", you should
> not use TCP syslog. It uses more processor
> cycles on your PIX, it
> creates more traffic, and you can accomplish the
> same thing using
> syslog over UDP.
>
> My guess is that your syslog server might be
> busy at that time of day
> doing something that is scheduled (something
> other than Syslog).
>
> Liberty for All,
>
> Brian
>
> --- In PIX_Firewall@yahoogroups.com, "chetanvatika" <chetanvatika y...> wrote:
> >
> > Thanks Brian,
> >
> > Syslog server is working pretty good on tcp/1058.
> >
> > I am facing the problem that my PIX works fine all day, but when it
> > comes to night, like around 6-7pm, it stops creating new connections to
> > the outside interface and I have to reboot it.
> >
> > What can be the problem??
> >
> > Please help with this.
> >
> > ----- Original Message -----
> > From: Brian
> > To: PIX_Firewall@yahoogroups.com
> > Sent: Friday, December 16, 2005 12:11 AM
> > Subject: [PIX_Firewall] Re: PIX with Syslog
> >
> >
> > Sri,
> >
> > Sure. Running PIX syslog over tcp/1058 should work.
> >
> > You need to check to make sure that any personal firewall on the
> > syslog server allows that port. Some block high order tcp by default.
> >
> > You also have to remember that running syslog from PIX over TCP means
> > that if the server signals unavailable the PIX will stop forwarding
> > traffic.
> >
> > If you want to debug you need to #1 make sure you can ping the syslog
> > server from the PIX and #2 find a ping tool that allows you to modify the
> > port number and run it on a couple of PCs.
> >
> > Liberty for All,
> >
> > Brian
> >
> > --- In PIX_Firewall@yahoogroups.com, "Sridhar M.N." <sridmobile y...> wrote:
> > >
> > > Hello Brian,
> > >
> > > The default for syslog is UDP 514, but TCP 1058 works great for
> > > me. These are the settings I've enabled.
> > >
> > > logging host inside 10.1.30.48 tcp/1058
> > > logging trap debugging
> > > logging on
> > > logging timestamp
> > > logging standby
> > > logging buffered notifications
> > > logging history notifications
> > > logging facility 16
> > > logging queue 100
> > >
> > > In Kiwi setup, under Inputs --> TCP, select Listen for TCP syslog
> > > messages.
> > > TCP Port by default would be 1058
> > > Bind to address --> Type in your system's IP address. In my case
> > > it's 10.1.30.48 and click OK
> > >
> > > I've attached the print screen of the Kiwi setup too.
> > >
> > >
> > > Brian <brford y...> wrote:
> > > Sri, Chetan;
> > >
> > > The default port for Syslog is UDP 514. If this configuration isn't
> > > working it is because either the PIX or the Syslog server is sending /
> > > listening on the wrong port.
> > >
> > > Liberty for All,
> > >
> > > Brian
> > >
> > > --- In PIX_Firewall@yahoogroups.com, "Sridhar M.N." <sridmobile y...> wrote:
> > > >
> > > > Hi Chetan,
> > > >
> > > > Issue these commands in your Cisco PIX.
> > > >
> > > > logging on
> > > > logging timestamp
> > > > logging standby
> > > > logging buffered notifications
> > > > logging trap errors
> > > > logging history notifications
> > > > logging facility 16
> > > > logging queue 100
> > > > logging host inside ipaddress-of syslogd-server tcp/port-number
> > > >
> > > > example : logging host inside 10.1.2.5 tcp/1058
> > > >
> > > > 1058 is the default port number and should work fine in KIWI
> > > > syslog server. But make sure that KIWI is listening on port number
> > > > 1058. Hope this helps.
> > > >
> > > > chetanvatika <chetanvatika y...> wrote:
>
=== message truncated ===
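
A config check for the failure mode Brian describes in the thread (TCP syslog configured without `logging permit-hostdown`), added here as an example and not part of the original messages. The function name and sample configs are constructed, and the regex assumes the `logging host <interface> <ip> [tcp|udp[/port]]` form quoted above.

```python
import re

# "logging host" in the form used in the thread, e.g.
#   logging host inside 10.1.30.48 tcp/1058
HOST_RE = re.compile(
    r"^logging\s+host\s+(\S+)\s+(\S+)(?:\s+(tcp|udp)(?:/(\d+))?)?$",
    re.IGNORECASE,
)

def audit_syslog(config_text):
    """Return (hosts, findings) for a PIX configuration passed as text."""
    hosts, permit_hostdown = [], False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.lower() == "logging permit-hostdown":
            permit_hostdown = True
            continue
        m = HOST_RE.match(line)
        if not m:
            continue
        ifc, ip, proto, port = m.groups()
        proto = (proto or "udp").lower()      # UDP is the syslog default
        if port is None and proto == "udp":
            port = "514"                      # default UDP syslog port
        hosts.append((ifc, ip, proto, int(port) if port else None))

    findings = []
    for ifc, ip, proto, port in hosts:
        # TCP syslog without permit-hostdown: an unresponsive server
        # makes the PIX stop creating new sessions.
        if proto == "tcp" and not permit_hostdown:
            findings.append(
                f"{ip} ({ifc}) uses TCP syslog without 'logging permit-hostdown': "
                "new connections stop if this server stops answering"
            )
    return hosts, findings

# Constructed sample configs built from the commands quoted in the thread.
TCP_ONLY = """logging on
logging trap debugging
logging host inside 10.1.30.48 tcp/1058
"""
TCP_PERMIT = TCP_ONLY + "logging permit-hostdown\n"
UDP_DEFAULT = "logging on\nlogging host inside 10.1.30.48\n"

if __name__ == "__main__":
    for name, cfg in [("tcp", TCP_ONLY), ("tcp+permit", TCP_PERMIT), ("udp", UDP_DEFAULT)]:
        hosts, findings = audit_syslog(cfg)
        print(name, hosts, findings or "ok")
```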