[c-nsp] Can I encrypt syslog traffic in IOS

Hammer bhmccie at gmail.com
Fri Mar 25 16:15:14 EDT 2011


Thanks Christopher. My research has yielded the same result. I went and told
the unix team about an hour ago that I was flipping our syslog from UDP to
TCP w/ SSL or VPN and he just about fell over. I'm trying to decide how much
of an effort I want to make on this. Right now, I'm just enjoying watching
him implode.


 -Hammer-

"I was a normal American nerd."
-Jack Herer





On Fri, Mar 25, 2011 at 3:13 PM, Christopher Pilkington <cjp at 0x1.net> wrote:

> On Fri, Mar 25, 2011 at 3:53 PM, Hammer <bhmccie at gmail.com> wrote:
> > Right now, I can't find anything on CCO or google so that tells me yes so
> > the answer must be NO. Unless I do something wacky like VPN to my syslog
> > server or some other stupid juryrig.... Anyone?
>
> IPSec is the way to go on IOS.
>
> On recent ASA (I'm looking at an 8.0 box) there's SSL/TLS syslog (TCP
> only, obviously) available, but I don't see anything similar on any of
> our recent IOS boxen.
>
> Typically we just run GRE/IPSec tunnels from device to our management
> network for logging, snmp, auth, etc.
>
> -cjp
>


More information about the cisco-nsp mailing list