Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
550
Views
0
Helpful
0
Replies

ISR4331 - Zone Based Firewall Self syslog rule

theitmedic
Level 1
Level 1

‎05-21-2019 10:01 AM

I'm trying to allow my ISR 4331 to be able to send it's syslog to UDP port 42729 to my syslog server. I was able to get it to work if I allowed Self to Internet using match protocol of UDP. I would like to create a match access-group versus a match protocol to allow syslog port 42729 to send to syslog server 192.168.100.1. I would like the ZBF to be more specific versus just allowing UDP. I tried creating a match access-group for syslog but had no luck getting syslogs to show up on my syslog server. In the end I configured the match protocol UDP and it worked. Any ideas?

 

lass-map type inspect match-any SELF-POLICY
match protocol icmp
match protocol dns
match protocol ntp
match protocol udp

 

policy-map type inspect SELF-TO-INTERNET-POLICY
class type inspect SELF-POLICY
inspect
class class-default
drop

 

zone-pair security ZP-SELF-TO-INTERNET source self destination INTERNET
service-policy type inspect SELF-TO-INTERNET-POLICY

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents