Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cisco Syslog Server Question?

Posted on 2012-12-24
10
Medium Priority
?
465 Views
Last Modified: 2013-06-21
Hello Experts,

Can someone please tell me why the syslog server in my lab will only recieve alerts from Orangutan and Drill?

I can't get the syslog server to receive alerts or syslog messages from Gibbon or Chimpanzee.

Please configs and attached topology

Cheers

Carlton
SCREENSHOT.png
12-57-52--Chimpanzee-127.0.0.1-.txt
12-58-01--Drill-127.0.0.1-.txt
12-58-09--Gibbon-127.0.0.1-.txt
12-58-18--Orangutan-127.0.0.1-.txt
0
Comment
Question by:cpatte7372
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
10 Comments
 
LVL 20

Accepted Solution

by:
rauenpc earned 2000 total points
ID: 38718550
I assume the syslog server has a simple default route pointing at Gibbon, correct?
If this is a Windows server, you can post an 'ipconfig/all' and 'route print' to verify.

Whenever you setup logging, traps, netflow, SNMP, or anything that does automatic reporting you should set the source interface manually. This applies to labs as well as production networks.

I would set the source interface so that, at the least, you know what the source IP will be from all routers. Also, check the routing tables to make sure all IP's are reachable.

The only other difference I see in your configs is that Drill and Orangutan don't have Loopback addresses unlike the other two.
0
 

Author Comment

by:cpatte7372
ID: 38718954
Hello rauenpc,

Thanks for responding.

The default gateway 192.168.1.2 is the connection to Gibbon

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Loopback Adapter
   Physical Address. . . . . . . . . : 02-00-4C-4F-4F-50
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::bcf2:805d:59aa:2b65%16(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.2
   DHCPv6 IAID . . . . . . . . . . . : 268566604
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-66-DE-C4-BC-AE-C5-E1-B0-15

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

The route print is as follows:
C:\Users\User>route print
===========================================================================
Interface List
 16...02 00 4c 4f 4f 50 ......Microsoft Loopback Adapter
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.2      192.168.1.1    286
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.1    286
      192.168.1.1  255.255.255.255         On-link       192.168.1.1    286
    192.168.1.255  255.255.255.255         On-link       192.168.1.1    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.1    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.1    286
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.1.2  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 16    286 fe80::/64                On-link
 16    286 fe80::bcf2:805d:59aa:2b65/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

rauenpc, does this tell you anything?


Cheers
0
 
LVL 20

Expert Comment

by:rauenpc
ID: 38719018
That all looks good. I just wanted to make sure this wasn't a goofy static route on a server (which I actually have seen in production networks).

Next I would look in to setting the snmp trap-source interface, and also making sure you can ping the server from the routers in question while using the trap-source interface as a ping source.

Also, is there full connectivity in your network from the server? Can you ping each interface on all routers?
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 

Author Comment

by:cpatte7372
ID: 38723052
Rauenpc

I ping all interfaces from the server. I can also ping the server from all routers.

Any more suggestions?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 38727848
If you can ping all of the router interfaces from the server then it should receive syslog traffic based on your configs. Here's a thought: Is it possible that windows firewall is blocking some of the syslog traffic?
0
 

Author Comment

by:cpatte7372
ID: 38753851
Cheers
0
 

Author Closing Comment

by:cpatte7372
ID: 39265607
Cheers
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question