«

"Didier" <> wrote in message
news:40042149$...
> > And are you passing the switch to syslogd
> > which tells it to accept remote messages?
> What do you mean by "passing the switch to syslogd"?

On linux you need to edit /etc/sysconfig/syslog and add -r to
SYSLOGD_OPTIONS, else it will only accept local log messages.

Richard.

> And are you passing the switch to syslogd
> which tells it to accept remote messages?
>
Syslogd is launched with:
syslogd -a myrouter.ip.address

Here is my router config:
logging facility local0
logging source-interface FastEthernet0
logging myrouter.ip.address

Here is freebsd's syslog.conf (see the last line)
*.err;kern.debug;auth.notice;mail.crit /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.cr it;news.err
/var/log/message
security.* /var/log/security
auth.info;authpriv.info /var/log/auth.log
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
ftp.info /var/log/xferlog
cron.* /var/log/cron
local0.informational /var/log/cisco.log


Here is the output of show log:
Syslog logging: enabled (0 messages dropped, 10235 messages rate-limited,
365 flushes, 0 overruns)
Console logging: disabled
Monitor logging: level informational, 0 messages logged
Buffer logging: disabled
Logging Exception size (4096 bytes)
Count and timestamp logging messages: disabled
Trap logging: level informational, 15143 message lines logged
Logging to myfreebsd.box.ip, 15143 message lines logged

I'm using this config on fastethernet0:
interface FastEthernet0
ip address myfreebsd.box.ip
ip access-group 111 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect standard in
speed auto
ntp broadcast client
no cdp enable

Here is ip inspect standard:
ip inspect udp idle-time 1800
ip inspect dns-timeout 7
ip inspect tcp idle-time 14400
ip inspect name standard cuseeme
ip inspect name standard ftp
ip inspect name standard h323
ip inspect name standard http
ip inspect name standard rcmd
ip inspect name standard realaudio
ip inspect name standard smtp
ip inspect name standard sqlnet
ip inspect name standard streamworks
ip inspect name standard tcp
ip inspect name standard tftp
ip inspect name standard udp
ip inspect name standard vdolive

And here is show access-list 111:
Extended IP access list 111
permit ip mynetwork any (85973 matches)
deny ip any any log

SORRY FOR THE LONG POST, but I really don't now what else to check!

Didier wrote:

> Hi,
> I've these entries on my router:
> logging facility local0
> logging source-interface FastEthernet0
> logging x.y.z.y
>
> In my freebsd box /etc/syslogd.conf file:
> local0.* /var/log/cisco.log
>
> When running tcpdump, I can see that a syslog message arrives at my
> freebsd box:
> 14:37:50.785983 myrouter.57372 > x.y.z.y.syslog: udp 77
>
> The file /var/log/cisco.log has no entries, why, what did I misconfigure?
>
> thx a lot?

As stated in an earlier thread... To quote from one of my own /etc/rc.conf
files:

syslogd_flags="-a 10.0.0.1/32:*" # Allow Cisco to log stuff..

See also "man syslogd"

make sure your syslogd is running with the option to accept remote
questions...by default..i think it only allows local..

-Rob


In comp.dcom.sys.cisco Martin <> wrote:
> Didier wrote:

>> Hi,
>> I've these entries on my router:
>> logging facility local0
>> logging source-interface FastEthernet0
>> logging x.y.z.y
>>
>> In my freebsd box /etc/syslogd.conf file:
>> local0.* /var/log/cisco.log
>>
>> When running tcpdump, I can see that a syslog message arrives at my
>> freebsd box:
>> 14:37:50.785983 myrouter.57372 > x.y.z.y.syslog: udp 77
>>
>> The file /var/log/cisco.log has no entries, why, what did I misconfigure?
>>
>> thx a lot?

> As stated in an earlier thread... To quote from one of my own /etc/rc.conf
> files:

> syslogd_flags="-a 10.0.0.1/32:*" # Allow Cisco to log stuff..

> See also "man syslogd"