cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
203
Views
0
Helpful
1
Replies
Highlighted
Contributor

VRF-aware syslogging with 2921

I typically use a VRF for management of border routers, partially for secure access via SSH/SNMP, and partially so they can send syslog traps to the syslog server without setting up firewall rules and NATs.

This works fine with a 6500, but trying to use the same configuration on a 2921 I have no luck.  Connectivity seems to be there but I see no messages going through.  TACACs is also configured to use the VRF and works just fine, so the issue is specific to syslog. 

#show run | inc vrf MGMT

ip vrf MGMT

ip route vrf MGMT 0.0.0.0 0.0.0.0 10.100.1.1

logging source-interface Port-channel1.100 vrf MGMT

logging host 10.200.3.4 vrf MGMT

#ping vrf MGMT 10.200.30.4

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.200.30.4, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms

IOS version is 15.1(4)M7

Everyone's tags (4)
1 REPLY 1
Beginner

VRF-aware syslogging with 2921

is it port-channel 1.100 on vrf MGMT?

if not that's the problem

it it is.... the config is good so you should try using a loopback in vrf MGMT because probably a bug is causing that problem

kind regards

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards