Enabling Syslog for Cisco AS 5505 and 5506

Parts and Materials Required

  • FSE Laptop
  • Serial-to-USB adapter
  • Serial Console cable

Time Required

  • 15 minutes

Procedure

  1. Obtain from the customer's IS/IT Administrator their Syslog server IP and protocol/listening port. You will need this information to enable Syslog on the firewall.
  2. Ensure that the firewall is powered on by checking the Power, Status, and Active lights (located on the front of the firewall) are solid green.
  3. Connect the Serial-to-USB adapter to a USB port on your FSE laptop.
  4. Connect the serial end of the light blue console cable to the Serial-to-USB adapter.
  5. ClosedConnect the other end of the console cable to the firewall console port.

  6. Run HyperTerminal, located in Start>Programs>Accessories>Communications.
  7. ClosedAt the Connection Description window, give the connection an arbitrary name and select an icon. The actual name of the connection and the icon selection does not affect the outcome of this procedure.

  8. ClosedAt the Connect to window, select the correct COM port being used by the Serial-to-USB adapter.

    1. ClosedIf this is unknown, open Windows Explorer. Right-click on My Computer and click on Manage. Click on Device Manager in the left-hand pane (see following image).

    2. Expand the Ports (COM and LPT) section. Find the Serial-to-USB adapter and note the COM port assigned to it. The COM port is found in parentheses.
    3. Once the correct COM port has been selected in the Connect to window, Click OK.
  9. ClosedAt the COMX Properties (X is the port number chosen above) window, change the Bits per second to 9600 and click OK.

  10. ClosedNow you will be looking at the main HyperTerminal window (following image).

    Note— Before reprogramming any firewall, it is extremely important to download the current firewall configuration for backup purposes. This will ensure that no information is lost and having the backup information will be vital in troubleshooting in case the reprogramming is not successful. Steps 11 to 19 are instructions to perform the backup.
  11. Open the Transfer drop-down menu (at the red circle in the image above) and click Capture Text. The Capture Text feature will capture all text seen in the window into a text file.
  12. Choose a directory to save the text file to and choose a name for the file, such as:

    XXXXX mm-dd-yy firewall config backup (where XXXXX is the Serial# of the Panther System)

  13. ClosedOnce back at the main window, press the Enter key. The prompt message (ciscoasa>) will appear.

  14. Type enable and press Enter. A password prompt will appear.
  15. The password is the same password used to log-in to the gpservice account on service software. Enter the password and press Enter.
  16. ClosedA prompt message (ciscoasa#) will now appear.

  17. Type terminal pager 0 and press Enter. This allows the configuration to continuously scroll as opposed to having to manually hit Enter as each short section appears.
  18. ClosedType show conf and press Enter.

    The configuration will begin scrolling down the screen. It is finished when the ciscoasa# prompt reappears.

  19. ClosedAfter the ciscoasa# prompt type config t and press Enter. The prompt changes to ciscoasa(config)#.

  20. Now run the following four commands, pressing Enter after each one:

    Note—

    • Section a. (below) shows the formatting of the commands.
    • Section b. provides an example with representative values.
    • The system may display messages after you press Enter. These are typically advisory only and should not prevent you from entering the remaining commands.
    1. ClosedIn the second command below, replace the text shown in bold with the customer's Syslog server IP and protocol/listening port.

    2. ClosedThe following is an example using "10.10.10.1" as the Syslog server IP and "TCP/6012" as the Protocol/Port:

  21. Type exit and press Enter. You will now be taken back to the ciscoasa> prompt.
  22. Type exit and press Enter once more. You will still be at the ciscoasa> prompt.
  23. ClosedClick the Disconnect button.

  24. Close the window and choose not to save the connection.
  25. Disconnect the power from the firewall, wait one minute, then reconnect the power. This is to ensure no connection issues when reprogramming the firewall.
    Note— It is recommended to leave the FSE laptop connected to the firewall until after successful verification.

Verification

  1. Verify with the customer that logs from the Cisco firewall are being received at their Syslog server.
  2. Close HyperTerminal and disconnect the FSE laptop from the firewall.