AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of cpatte7372
cpatte7372
Flag for United Kingdom of Great Britain and Northern Ireland asked on

Cisco Syslog Server Question?

Hello Experts,

Can someone please tell me why the syslog server in my lab will only recieve alerts from Orangutan and Drill?

I can't get the syslog server to receive alerts or syslog messages from Gibbon or Chimpanzee.

Please configs and attached topology

Cheers

Carlton
SCREENSHOT.png
12-57-52--Chimpanzee-127.0.0.1-.txt
12-58-01--Drill-127.0.0.1-.txt
12-58-09--Gibbon-127.0.0.1-.txt
12-58-18--Orangutan-127.0.0.1-.txt
RoutersNetwork ArchitectureNetwork OperationsNetworking Hardware-OtherNetworking Protocols
Avatar of undefined
Last Comment
cpatte7372
8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
rauenpc
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
cpatte7372
ASKER
Hello rauenpc,

Thanks for responding.

The default gateway 192.168.1.2 is the connection to Gibbon

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Loopback Adapter
   Physical Address. . . . . . . . . : 02-00-4C-4F-4F-50
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::bcf2:805d:59aa:2b65%16(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.2
   DHCPv6 IAID . . . . . . . . . . . : 268566604
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-66-DE-C4-BC-AE-C5-E1-B0-15

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

The route print is as follows:
C:\Users\User>route print
===========================================================================
Interface List
 16...02 00 4c 4f 4f 50 ......Microsoft Loopback Adapter
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.2      192.168.1.1    286
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.1    286
      192.168.1.1  255.255.255.255         On-link       192.168.1.1    286
    192.168.1.255  255.255.255.255         On-link       192.168.1.1    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.1    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.1    286
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.1.2  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 16    286 fe80::/64                On-link
 16    286 fe80::bcf2:805d:59aa:2b65/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

rauenpc, does this tell you anything?


Cheers
rauenpc
That all looks good. I just wanted to make sure this wasn't a goofy static route on a server (which I actually have seen in production networks).

Next I would look in to setting the snmp trap-source interface, and also making sure you can ping the server from the routers in question while using the trap-source interface as a ping source.

Also, is there full connectivity in your network from the server? Can you ping each interface on all routers?
cpatte7372
ASKER
Rauenpc

I ping all interfaces from the server. I can also ping the server from all routers.

Any more suggestions?
Your help has saved me hundreds of hours of internet surfing.
fblack61
mikebernhardt
If you can ping all of the router interfaces from the server then it should receive syslog traffic based on your configs. Here's a thought: Is it possible that windows firewall is blocking some of the syslog traffic?
cpatte7372
ASKER
Cheers
cpatte7372
ASKER
Cheers
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent