Link to home
Start Free TrialLog in
Avatar of cpatte7372
cpatte7372Flag for United Kingdom of Great Britain and Northern Ireland

asked on

Cisco Syslog Server Question?

Hello Experts,

Can someone please tell me why the syslog server in my lab will only recieve alerts from Orangutan and Drill?

I can't get the syslog server to receive alerts or syslog messages from Gibbon or Chimpanzee.

Please configs and attached topology

Cheers

Carlton
SCREENSHOT.png
12-57-52--Chimpanzee-127.0.0.1-.txt
12-58-01--Drill-127.0.0.1-.txt
12-58-09--Gibbon-127.0.0.1-.txt
12-58-18--Orangutan-127.0.0.1-.txt
ASKER CERTIFIED SOLUTION
Avatar of rauenpc
rauenpc
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of cpatte7372
cpatte7372
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Hello rauenpc,

Thanks for responding.

The default gateway 192.168.1.2 is the connection to Gibbon

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Loopback Adapter
   Physical Address. . . . . . . . . : 02-00-4C-4F-4F-50
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::bcf2:805d:59aa:2b65%16(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.2
   DHCPv6 IAID . . . . . . . . . . . : 268566604
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-66-DE-C4-BC-AE-C5-E1-B0-15

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

The route print is as follows:
C:\Users\User>route print
===========================================================================
Interface List
 16...02 00 4c 4f 4f 50 ......Microsoft Loopback Adapter
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.2      192.168.1.1    286
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.1    286
      192.168.1.1  255.255.255.255         On-link       192.168.1.1    286
    192.168.1.255  255.255.255.255         On-link       192.168.1.1    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.1    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.1    286
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.1.2  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 16    286 fe80::/64                On-link
 16    286 fe80::bcf2:805d:59aa:2b65/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

rauenpc, does this tell you anything?


Cheers
Avatar of rauenpc
rauenpc
Flag of United States of America image
That all looks good. I just wanted to make sure this wasn't a goofy static route on a server (which I actually have seen in production networks).

Next I would look in to setting the snmp trap-source interface, and also making sure you can ping the server from the routers in question while using the trap-source interface as a ping source.

Also, is there full connectivity in your network from the server? Can you ping each interface on all routers?
Avatar of cpatte7372
cpatte7372
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Rauenpc

I ping all interfaces from the server. I can also ping the server from all routers.

Any more suggestions?
Avatar of mikebernhardt
mikebernhardt
Flag of United States of America image
If you can ping all of the router interfaces from the server then it should receive syslog traffic based on your configs. Here's a thought: Is it possible that windows firewall is blocking some of the syslog traffic?
Avatar of cpatte7372
cpatte7372
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Cheers
Avatar of cpatte7372
cpatte7372
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Cheers