07-22-2003 08:06 AM - edited 03-02-2019 09:01 AM
Folks,
I'm trying to log traps from a 1721 to my desktop.
I've downloaded a Kiwi syslog server and set it to accept udp (port514), tcp(1468) & snmp traps.
I've configured the router to use the syslog server at my ip address & told it to log debug traps.
when i type ash ow logging on the router i can see it has sent the logs but don't see anything on my syslog server.
i can ping between my router and my server ok
any ideas
thanks in anticipation
07-22-2003 08:33 AM
I just downloaded Kiwi Syslog daemon 7.0.3
Enabled UDP port 514 (thats enabled by default)
TCP is not enabled by default, same is SNMP.
I checked the options to enable TCP and SNMP.
Had a 1721, connected back to back to my PC, loaded with Kiwi.
commands on 1721.
no logging console
logging 10.10.10.10
logging trap debug
Gave a "debug ip icmp" and gave a ping, and all the debug messages popped up on the kiwi syslog.
So I think, in your case, only if a debug instance occurs, will it send a message to syslog server.
07-23-2003 06:59 AM
i tried an install on my test network & all works ok but still nothing on the live network. The only big difference is the access-lists on the live network but i've included my syslog server on the inbound list so that i can ping between the router and the server.
any more ideas gratelfully appreciated
many thanks
07-23-2003 07:20 AM
If there are access-list on the router then you also need to permit syslog udp port 514 on the list. Otherwise syslog messages will be dropped.
07-23-2003 08:16 AM
thanks for your help - i think i'm nearly there!
i'm using an extended list but i can't get the syntax right yet so i tried a:
access-list 101 permit udp myipaddress any
but no joy
agains thanks for the help!
07-28-2003 02:56 AM
Is the ACL incoming or outgiong?
Is the myipaddress the IP address of the router or the syslog server?
I'd use
access-list 101 permit udp any syslog_server_address
or
access-list 101 permit udp router_address syslog_server_address
line in the ACL.
Regards,
Milan
07-28-2003 03:16 AM
Thanks for your help but it turns out i needed to identify the source interface for logging
thanks again
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide