Netscreen 50 and RedHat Linux Syslog problem

- A
- Asterisk
  
  Contact options for registered users
posted
18 years ago

Fri, Aug 5, 2005 6:07 AM

Hi Experts,

Have anyone ever tried that sending all logs from Netscreen 50 to a RedHat Linux syslogd ?

My Linux Syslogd can receive the logs from my Cisco LAN switches, but can't receive any logs from my Netscreen 50.

I've already configure my Netscreen 50 to send "Events" and "Traffic" logs to my Linux host with UDP port 514. Both "Security Facility" and "Facility" are set into "LOCAL0". I've confirmed that my Linux is listening to this port.

In LINUX "/etc/syslog.conf", I've this entry: local0.* /var/log/netscreen.log

May some experts give me suggestions ? Million thanks !!!

Loading thread data ...

- R
- rahmant
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Fri, Aug 5, 2005 5:23 PM

Can you run a tcpdump on the syslog server to see if the firewall is even attempting to connect?

- A
- Asterisk
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Sat, Aug 6, 2005 12:34 AM

HI Rahmant,

Thanks v. much for your advice. It points out the problem. The syslog traffic is blocked by the 1st tier firewall. Now is ok ! Thanks !! :)

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.