Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
396
Views
0
Helpful
2
Replies

Cisco ISE remote syslog on port udp 2100

danielesquaranti
Level 1
Level 1

‎02-15-2023 05:42 AM

Hi,

I'm trying to send remote logging to a syslog server on udp 2100 on CIsco ISE and it doesn't work.

I try with 514 and it works...

I already checked and it's not a syslog server or firewall problem.

Maybe there's a bug?

0 Helpful
2 Replies 2

Greg Gibbs
Cisco Employee
Cisco Employee

‎02-15-2023 02:27 PM

I tested my ISE 3.1p5 instance with a remote logging target using UDP/2100 and it worked as expected. I would suggest ensuring that you don't have a host firewall (Linux/Windows) that is blocking the traffic.

Wireshark capture on my Windows client:

Screenshot 2023-02-16 at 9.23.14 am.png

Syslog messages on my Kiwi Syslog Server:

Screenshot 2023-02-16 at 9.23.42 am.png

 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎02-15-2023 02:33 PM

before we do any further guiding.

is the Syslog listening on that ports?

how about trying a different port 1514 or 5514 and let me know is this works? ( I use below ports not for ISE, other device all works as expected)

what log server ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents