Cisco Support Community

Logs not getting captured on Kiwi syslog through firewall

Hi Experts,

We are not able to capture logs for devices connected to the outside interface of the firewall.

Routing for Kiwi syslog from these devices is proper. Also, UDP port 514 is opened on the firewall for bidirectional traffic.

We are able to capture firewall logs but not logs from the router connected to the firewall's outside interface.

Would request you to help me to resolve this issue.

Thanks & Regards,

Surya

3 REPLIES
New Member

Logs not getting captured on Kiwi syslog through firewall

Hi ,

Also logging host syslog ip

also logging enabled for syslog.

Hall of Fame Super Gold

Logs not getting captured on Kiwi syslog through firewall

Complain to your firewall vendor.

Logs not getting captured on Kiwi syslog through firewall

Being that your router is on the outside of the firewall, what device is doing natting? If you're natting on the firewall, you'll need to set your router to send to a public address that you have mapped to your kiwi syslog server through your firewall in order to catch your logs.

Let's say that you have a syslog server at 192.168.1.50. You have the block 5.5.5.0/25. You can map, at the firewall, 192.168.1.50 ----> 5.5.5.50. On your router, you'll set up "logging host 5.5.5.50". Then on your firewall, only allow 5.5.5.1 (router) into 5.5.5.50 on udp port 514.

HTH,

John
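
John's mapping above written out as configuration, as an added example that is not part of the original thread. It assumes the firewall is a Cisco ASA running 8.3 or later with interfaces named inside and outside (the thread does not say which firewall is in use); the object name KIWI-SYSLOG, the ACL name OUTSIDE-IN and the router interface name are hypothetical.

```cisco
! --- Firewall (assumed: Cisco ASA 8.3+, interfaces named inside/outside) ---
! Static one-to-one NAT: 192.168.1.50 (Kiwi server) <-> 5.5.5.50 (public).
object network KIWI-SYSLOG
 host 192.168.1.50
 nat (inside,outside) static 5.5.5.50
!
! Permit only the router (5.5.5.1) to the syslog server on UDP 514.
! On ASA 8.3+ the ACL matches the server's real (pre-NAT) address.
! Syslog over UDP is one-way, so no rule is needed in the other direction.
access-list OUTSIDE-IN extended permit udp host 5.5.5.1 host 192.168.1.50 eq syslog
!
! If an ACL is already applied inbound on outside, add the permit line
! to that ACL instead of applying a new one with access-group.
access-group OUTSIDE-IN in interface outside
!
! --- Router on the outside (Cisco IOS) ---
! Send to the mapped public address, not to 192.168.1.50.
logging host 5.5.5.50
logging trap informational
! Source the messages from the interface that owns 5.5.5.1 so they
! match the firewall ACL (interface name is hypothetical).
logging source-interface GigabitEthernet0/0
```

After a test message from the router, `show access-list OUTSIDE-IN` on the firewall should show the hit count on the permit line increasing, and `show logging` on the router should list 5.5.5.50 as a logging host.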
