Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Syslog servers

Folks,

I'm trying to log traps from a 1721 to my desktop.

I've downloaded a Kiwi syslog server and set it to accept udp (port514), tcp(1468) & snmp traps.

I've configured the router to use the syslog server at my ip address & told it to log debug traps.

when i type ash ow logging on the router i can see it has sent the logs but don't see anything on my syslog server.

i can ping between my router and my server ok

any ideas

thanks in anticipation

6 REPLIES

Re: Syslog servers

I just downloaded Kiwi Syslog daemon 7.0.3

Enabled UDP port 514 (thats enabled by default)

TCP is not enabled by default, same is SNMP.

I checked the options to enable TCP and SNMP.

Had a 1721, connected back to back to my PC, loaded with Kiwi.

commands on 1721.

no logging console

logging 10.10.10.10

logging trap debug

Gave a "debug ip icmp" and gave a ping, and all the debug messages popped up on the kiwi syslog.

So I think, in your case, only if a debug instance occurs, will it send a message to syslog server.

Community Member

Re: Syslog servers

i tried an install on my test network & all works ok but still nothing on the live network. The only big difference is the access-lists on the live network but i've included my syslog server on the inbound list so that i can ping between the router and the server.

any more ideas gratelfully appreciated

many thanks

Re: Syslog servers

If there are access-list on the router then you also need to permit syslog udp port 514 on the list. Otherwise syslog messages will be dropped.

Community Member

Re: Syslog servers

thanks for your help - i think i'm nearly there!

i'm using an extended list but i can't get the syntax right yet so i tried a:

access-list 101 permit udp myipaddress any

but no joy

agains thanks for the help!

Re: Syslog servers

Is the ACL incoming or outgiong?

Is the myipaddress the IP address of the router or the syslog server?

I'd use

access-list 101 permit udp any syslog_server_address

or

access-list 101 permit udp router_address syslog_server_address

line in the ACL.

Regards,

Milan

Community Member

Re: Syslog servers

Thanks for your help but it turns out i needed to identify the source interface for logging

thanks again

138
Views
0
Helpful
6
Replies
CreatePlease to create content