Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
623
Views
0
Helpful
5
Replies

Redirect syslog

Go to solution
Jason Vanlandingham
Level 1
Level 1

‎12-17-2014 02:22 PM - edited ‎03-07-2019 09:56 PM

I'm practicing network monitoring and syslog. I have an all-in-one cable modem/router (leftover from before I bought my Cisco gear) that will send syslog, but only to a host on its own subnet. Is there a way I can make the router's internet facing interface forward received syslog messages to my syslog server?

Topology:

[Cable Modem]--layer3--[2821ISR]--internal layer3--[Etherswitch Module]--VLAN10--[Syslog server]

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎12-17-2014 02:42 PM

Jason

You could try setting up a NAT rule on the 2821 so that traffic sent to the 2821 router IP that connects to the cable modem is translated to an internal IP eg.

int <x>--  connects to cable modem

ip nat outside

int <y> <-- connects to switch

ip nat inside

ip nat inside source static udp <internal IP address> 514 interface <x> 514

Can't guarantee it will work as I have never done syslog with NAT but can't see why it wouldn't.

Jon

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎12-17-2014 02:42 PM

Jason

You could try setting up a NAT rule on the 2821 so that traffic sent to the 2821 router IP that connects to the cable modem is translated to an internal IP eg.

int <x>--  connects to cable modem

ip nat outside

int <y> <-- connects to switch

ip nat inside

ip nat inside source static udp <internal IP address> 514 interface <x> 514

Can't guarantee it will work as I have never done syslog with NAT but can't see why it wouldn't.

Jon

0 Helpful

Go to solution
Jason Vanlandingham
Level 1
Level 1
In response to Jon Marshall

‎12-18-2014 07:36 AM

In this example, is <internal IP address> the IP of the syslog server or the router IP that the cable modem sends syslog to? And is interface <x> the interface the syslog traffic comes in on, or the interface it should be sent to to be sent to the syslog server?

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Jason Vanlandingham

‎12-18-2014 10:10 AM

Apologies I should have been clearer.

The internal IP address is the syslog server.

Interface <x> connects to the cable modem so that is the interface the syslog traffic will arrive at the router on from the cable modem.

Interface <y> is the one that is used by the router to send the traffic to the syslog.

Jon

0 Helpful

Go to solution
Jason Vanlandingham
Level 1
Level 1
In response to Jon Marshall

‎12-21-2014 11:55 AM

Thanks, that worked beautifully.

Although it took me a few goofed tries to realize the nat translation command is a global command. I should have known that, though. I set up the original translation...just a "brain fart" I guess.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Jason Vanlandingham

‎12-21-2014 12:14 PM

Yes, looking at the configuration I posted I can see why you'd think that, sorry :-)

Glad to hear it's working.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card