Solved: ISE configure logging from PSN to MNT

xbill42 · ‎07-21-2020

Hi,

I'm creating a new ISE 2.6 distributed deployment. Now I'm trying to understand what I need to configure in order for the PSN to send their logs to the MNT.

I want to use another interface than the Gi0 for that trafic.

Do I need to configure a remote logging target with the IP of the MNT and then under all logging categories select this logging target ?

Or is the PSN logging mecanism to the MNT automatic without additional config ?

Best regards

Arne Bier · ‎07-21-2020

Each PSN will automatically log to both MnT nodes - no config by the end user.

if you wanted to start tweaking that to have the logging sent to a different IP address then it may work, since you can add additional SYSLOG recipients. And then you could disable the current Target (example shown below) and create your own. But as far as I know you can't disable the UDP listener on the Gig0 ... so it's not a protection mechanism. If you're trying to use another interface for SYSLOG reception to offload Gig0, then it seems a viable idea. According to the ISE 2.6 Install Guide Ports Table, Gig1 should be usable for this purpose.

View solution in original post

Arne Bier · ‎07-21-2020

Each PSN will automatically log to both MnT nodes - no config by the end user.

if you wanted to start tweaking that to have the logging sent to a different IP address then it may work, since you can add additional SYSLOG recipients. And then you could disable the current Target (example shown below) and create your own. But as far as I know you can't disable the UDP listener on the Gig0 ... so it's not a protection mechanism. If you're trying to use another interface for SYSLOG reception to offload Gig0, then it seems a viable idea. According to the ISE 2.6 Install Guide Ports Table, Gig1 should be usable for this purpose.