Cisco ASA: a very expensive machine that generates syslogs at line rate, and occasionally lets you firewall and do site-to-site VPNs

Really, you absolutely NEED to turn off logging for messages 302013, 302014, 302016 (unless you're in the unenviable position of having to debug TCP/UDP connection setup).

Otherwise, it logs *every* connection setup and teardown, and it's very easy to miss the VPN logs you really want.

Speaking of logs... Splunk is great for historical log search, but the exact WRONG tool to do real-time debugging because I can't scroll the log in anywhere near real-time. So I had to send a copy of the ASA logs to an actual syslog machine.

But hey... at least it's not Firepower, which is what the unlucky guy at the other end of this tunnel is using!

He can't even abbreviate commands. It's a Cisco thing; that's been possible since the 1980s, and someone just broke it.
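
The filtering described in the thread, as an added example that is not part of the original posts: a Python filter for a syslog copy of the ASA logs that suppresses the three connection message IDs and counts them, so the remaining lines (such as VPN messages) stay visible. The sample lines, hostname and addresses are constructed.

```python
import re
from collections import Counter

# Message IDs named in the thread: per-connection setup/teardown noise.
NOISY_IDS = {"302013", "302014", "302016"}

# ASA syslog tag: %ASA-<severity>-<six-digit message id>:
ASA_TAG = re.compile(r"%ASA-(\d)-(\d{6}):")


def filter_asa(lines, noisy=NOISY_IDS):
    """Return (kept_lines, suppressed_counts) for an iterable of syslog lines."""
    kept, suppressed = [], Counter()
    for line in lines:
        m = ASA_TAG.search(line)
        if m and m.group(2) in noisy:
            suppressed[m.group(2)] += 1  # tally instead of silently discarding
            continue
        kept.append(line)  # lines without an ASA tag are kept, never dropped
    return kept, suppressed


# Constructed sample lines (documentation address ranges, made-up hostname).
SAMPLE = [
    "Jan 10 12:00:01 asa1 %ASA-6-302013: Built outbound TCP connection 1001 "
    "for outside:198.51.100.7/443 (198.51.100.7/443) to inside:192.0.2.10/51000 "
    "(203.0.113.1/51000)",
    "Jan 10 12:00:01 asa1 %ASA-5-713119: Group = 198.51.100.20, "
    "IP = 198.51.100.20, PHASE 1 COMPLETED",
    "Jan 10 12:00:02 asa1 %ASA-6-302014: Teardown TCP connection 1001 for "
    "outside:198.51.100.7/443 to inside:192.0.2.10/51000 duration 0:00:01 "
    "bytes 512 TCP FINs",
    "Jan 10 12:00:02 asa1 %ASA-6-302016: Teardown UDP connection 1002 for "
    "outside:198.51.100.9/53 to inside:192.0.2.10/40000 duration 0:00:00 bytes 96",
    "Jan 10 12:00:03 asa1 %ASA-5-713120: Group = 198.51.100.20, "
    "IP = 198.51.100.20, PHASE 2 COMPLETED (msgid=0000abcd)",
    "Jan 10 12:00:03 asa1 %ASA-6-302013: Built outbound TCP connection 1003 "
    "for outside:198.51.100.7/443 (198.51.100.7/443) to inside:192.0.2.11/51001 "
    "(203.0.113.1/51001)",
]

if __name__ == "__main__":
    kept, suppressed = filter_asa(SAMPLE)
    for line in kept:
        print(line)
    print("suppressed:", dict(suppressed))
```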
