Cisco 2811 Syslog configuration problem

Discussion in 'Cisco' started by pix help, Jan 31, 2007.

  1. pix help

    pix help Guest

    Hello,

    I am trying to pass syslog from outside interface to server that sits
    behind pix firewall. Details as follows.

    Cisco2811
    192.168.1.1 (LAN)
    255.255.255.0
    Kiwi Syslog on UDP port 514


    Cisco Pix
    192.168.1.2 (Outside Interface)
    192.168.150.1 (Inside Interface)
    255.255.255.0


    Syslog sitting on:
    192.168.150.27
    255.255.225.0


    I setup the 2811 to pass the syslog to 192.168.1.2
    Trying to get the Pix to route all inbound UPD 514 traffic from the
    Cisco 2811 to 192.168.150.27. I would like to keep the outside Cisco
    2811 traffic visable in the syslog so I can tell between Pix, 2811,
    and VPN 2005 that is logging to..


    Here is the deal. The syslog is listeniing on UDP 514. All other
    network devices are
    logging to this port. (VPN,PIX, 2950's, Aironet)The Cisco 2811 is
    setup for logging but nothing
    comes through on UDP 514. When I allow all UDP traffic from Cisco
    2811
    through Pix firewall to syslog it works. It would not be good to
    allow
    all UDP traffic. What gives here? Anyone with suggestion of feedback
    on this? I researched and could not find anything helpful.

    Thanks!
     
    pix help, Jan 31, 2007
    #1
    1. Advertising

  2. In article <>,
    pix help <> wrote:
    > I am trying to pass syslog from outside interface to server that sits
    >behind pix firewall. Details as follows.


    >Cisco2811
    >192.168.1.1 (LAN)
    >255.255.255.0
    >Kiwi Syslog on UDP port 514


    No, you cannot run Kiwi Syslog on the Cisco 2811. You can only
    configure the 2811 to send syslog information to somewhere, and that
    somewhere might happen to be running Kiwi Syslog.

    >Cisco Pix
    >192.168.1.2 (Outside Interface)
    >192.168.150.1 (Inside Interface)
    >255.255.255.0


    >Syslog sitting on:
    >192.168.150.27
    >255.255.225.0


    static(inside,outside) udp interface 514 192.168.150.27 514
    access-list out2in permit udp host 192.168.1.1 interface outside eq 514
    access-group out2in in interface outside
     
    Walter Roberson, Jan 31, 2007
    #2
    1. Advertising

  3. pix help

    pix help Guest

    On Jan 31, 10:29 am, "pix help" <> wrote:
    > Hello,
    >
    > I am trying to pass syslog from outside interface to server that sits
    > behind pix firewall. Details as follows.
    >
    > Cisco2811
    > 192.168.1.1 (LAN)
    > 255.255.255.0
    > Kiwi Syslog on UDP port 514
    >
    > Cisco Pix
    > 192.168.1.2 (Outside Interface)
    > 192.168.150.1 (Inside Interface)
    > 255.255.255.0
    >
    > Syslog sitting on:
    > 192.168.150.27
    > 255.255.225.0
    >
    > I setup the 2811 to pass the syslog to 192.168.1.2
    > Trying to get the Pix to route all inbound UPD 514 traffic from the
    > Cisco 2811 to 192.168.150.27. I would like to keep the outside Cisco
    > 2811 traffic visable in the syslog so I can tell between Pix, 2811,
    > and VPN 2005 that is logging to..
    >
    > Here is the deal. The syslog is listeniing on UDP 514. All other
    > network devices are
    > logging to this port. (VPN,PIX, 2950's, Aironet)The Cisco 2811 is
    > setup for logging but nothing
    > comes through on UDP 514. When I allow all UDP traffic from Cisco
    > 2811
    > through Pix firewall to syslog it works. It would not be good to
    > allow
    > all UDP traffic. What gives here? Anyone with suggestion of feedback
    > on this? I researched and could not find anything helpful.
    >
    > Thanks!


    Update the syslog is sitting on server behind Pix. Still cant log from
    2811 to syslog server behind pix. Any help appreciated.
     
    pix help, Jan 31, 2007
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Benson
    Replies:
    3
    Views:
    2,741
    Walter Roberson
    Nov 30, 2004
  2. Iggy
    Replies:
    0
    Views:
    1,122
  3. nick.schmalenberger

    static ip dsl configuration on a 2811

    nick.schmalenberger, Oct 6, 2006, in forum: Cisco
    Replies:
    1
    Views:
    800
  4. sultaans
    Replies:
    0
    Views:
    1,189
    sultaans
    Oct 17, 2007
  5. geneveve
    Replies:
    1
    Views:
    1,710
    lalitgoyal
    Dec 29, 2008
Loading...

Share This Page