MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Cisco syslog Server Pt2
Posted on 2012-12-27
Hello Experts
Can someone please tell me why I'm able to send syslog messages to the syslog server shown in the diagram from R4 on interface e1/1 but not on e1/3 or fas 0/0. Also why I can send syslog messages from R1 on e1/3 but not on eth 1/1 or eth 1/2.
Please see configs
Cheers
Carlton
16-44-28--R1-127.0.0.1-.txt
16-44-31--R4-127.0.0.1-.txt
16-44-35--R2-127.0.0.1-.txt
16-44-38--R3-127.0.0.1-.txt
newscreen.png
Can someone please tell me why I'm able to send syslog messages to the syslog server shown in the diagram from R4 on interface e1/1 but not on e1/3 or fas 0/0. Also why I can send syslog messages from R1 on e1/3 but not on eth 1/1 or eth 1/2.
Please see configs
Cheers
Carlton
16-44-28--R1-127.0.0.1-.txt
16-44-31--R4-127.0.0.1-.txt
16-44-35--R2-127.0.0.1-.txt
16-44-38--R3-127.0.0.1-.txt
newscreen.png
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
4 Comments
Active 1 day ago
As the syslog messages are usually sent via UDP, the source address shouldn't really matter ... out of curiosity, can you do a ping to the syslog server with the different interfaces as source? Also, what sort of syslog server are you using? I suppose there aren't any access rules or IP filters configured? Any chance of doing a tcpdump/wireshark capture on the syslog server?
Hello,
Routing table by syslog IP address tells router on which interface to send syslog messages.
So in your case for routers R1 and R4 to reach syslog server at 192.168.1.2, syslog packets will go out e1/3 on R1, and e1/1 on R4.
Normally, a syslog message contains the IP address of the interface it uses to leave the router. The logging source-interface command specifies that syslog packets contain the IP address of a particular interface, regardless of which interface the packet uses to exit the router.
So you can't force router to send syslog through particular interface (theoretically you can by setting static route or PBR, but I don't see any valid reason to do it), you can only set IP address in the syslog message by which you will identify router.
Regards!
Routing table by syslog IP address tells router on which interface to send syslog messages.
So in your case for routers R1 and R4 to reach syslog server at 192.168.1.2, syslog packets will go out e1/3 on R1, and e1/1 on R4.
Normally, a syslog message contains the IP address of the interface it uses to leave the router. The logging source-interface command specifies that syslog packets contain the IP address of a particular interface, regardless of which interface the packet uses to exit the router.
So you can't force router to send syslog through particular interface (theoretically you can by setting static route or PBR, but I don't see any valid reason to do it), you can only set IP address in the syslog message by which you will identify router.
Regards!
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Problem Description:
Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s.
We were in need for public IP’s to publish our web resour…
In the hope of saving someone else's sanity...
About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month4 days, 4 hours left to enroll
Earn Certification
Cisco CCNA R&S: ICND2 v3
$197.00$177.30
Earn Certification
Cisco CCENT R&S: ICND1 v3
$197.00$177.30
630 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.