In article <40518c0e$0$149$e4fe514c@dreader14.news.xs4all.nl>,
M.C. van den Bovenkamp <marco@linuxgoeroe.dhs.org> wrote:
:sam wrote:

:> I m wondering how can I upgrade the existing cisco udp-based syslogd program
:> to a tcp-based syslogd program?

:You can't, AFAIK. The only Cisco box I'm aware of that can do TCP-based
:syslogging is the PIX.

Right, the PIX will do TCP-based syslog


:> I want to configure cisco router send syslog msg to a remote log server, and
:> I want the data tranmission is encrypted. What procedure/steps I need to
:> follow in order to upgrade syslog to tcp-based syslog for data auth and
:> encryption?

If 'sam' were to change to tcp-based syslog, s/he would not gain data
authentication or encryption, as neither of those are built into tcp.


:IPSEC tunnel? Just an idea off the top of my head.

IPSec would indeed provide the authentication and encryption requested.
And on the PIX, the IPSec can be applied to udp syslog as well as to tcp
syslog.
--
WW{Backus,Church,Dijkstra,Knuth,Hollerith,Turing,vonNeumann}D ?