Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
742
Views
0
Helpful
4
Replies

Syslog to locacl host

Go to solution
mkkeyan
Level 1
Level 1

‎10-23-2009 04:01 AM - edited ‎03-11-2019 09:30 AM

Hi MY network setup

ISP terminated in router ---> ASA5510--L3(3560)-L2 -LAN

Objective:

Syslog needs to received from router to local machine,

I have added the route in router, and excluding NAT in ASA. From local machine i am able reach router , but from router unable to reach local machine (or syslog server)

pl help

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Collin Clark
VIP Alumni
VIP Alumni
In response to mkkeyan

‎10-23-2009 06:42 AM

Relative information is required if you want help. Here's an example.

access-list SYSLOG_SERVER extended permit ip host 10.10.20.17 host [router IP]

static (inside,outside) 10.10.20.17 access-list SYSLOG_SERVER tcp 65535 10000

access-list outside_access_in extended permit udp host [router IP] host 10.10.20.17 eq syslog

In the router you will need a static route to the inside host pointing to your ASA.

ip route 10.10.20.17 255.255.255.255 [ASA public IP]

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎10-23-2009 05:56 AM

Can you post the ASA statics and ACL? What do the logs in the ASA state?

0 Helpful

Go to solution
mkkeyan
Level 1
Level 1
In response to Collin Clark

‎10-23-2009 06:33 AM

no static in ASA

Only acl and nonat acl

access-list internet-access-list permit ip 10.40.50.0 255.255.255.0 host 220.225.XXX.XXX

access-list noant permit ip 10.40.50.0 255.255.255.0 host 220.225.XXX.XXX

internet-access-list -binding inside interface

nonat-access-list with nat 0

thanks

0 Helpful

Go to solution
Collin Clark
VIP Alumni
VIP Alumni
In response to mkkeyan

‎10-23-2009 06:42 AM

Relative information is required if you want help. Here's an example.

access-list SYSLOG_SERVER extended permit ip host 10.10.20.17 host [router IP]

static (inside,outside) 10.10.20.17 access-list SYSLOG_SERVER tcp 65535 10000

access-list outside_access_in extended permit udp host [router IP] host 10.10.20.17 eq syslog

In the router you will need a static route to the inside host pointing to your ASA.

ip route 10.10.20.17 255.255.255.255 [ASA public IP]

0 Helpful

Go to solution
mkkeyan
Level 1
Level 1
In response to Collin Clark

‎10-23-2009 07:03 AM

thank you very much

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card