Question : Syslog Files from Cisco to Kiwi SysLog

I am trying to configure syslog from a Cisco router to a Windows server running Kiwi Syslog. The two devices are on separate subnets.

192.168.2.1 is the internal IP of the Cisco router that is to be logging to the syslog. I have been able to configure the Windows server behind the router to send log messages to the syslog server. I have also been able to configure other devices, from other subnets, to send messages to the syslog server.

Below is the configuration for the Cisco.

Current configuration : 3253 bytes
!
version 12.4
no parser cache
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Hostname
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$SG86$KQ4ZTUTqLCy8GJH5CL15L0
!
no aaa new-model
!
resource policy
!
memory-size iomem 25
clock timezone EST -5
clock summer-time EDT recurring
no ip source-route
!
!
ip cef
ip dhcp ping packets 0
!
!
ip domain name mydomain.com
ip name-server xxx.xxx.xx.x
ip name-server xxx.xxx.xx.x
ip name-server xxx.xxx.xx.x
ip name-server xxx.xxx.xx.x
!
!
!
username "username1" password 7 002C4253200F5B355F0758
username "username2" password 7 051A355872580D2340
!
!
!
crypto isakmp policy 10
 authentication pre-share
crypto isakmp key key address xxx.xxx.xx.x
crypto isakmp key key address xxx.xxx.xx.x
!
!
crypto ipsec transform-set myset esp-3des esp-md5-hmac
!
crypto map final 10 ipsec-isakmp
 set peer xxx.xxx.xx.x
 set transform-set myset
 match address 109
crypto map final 20 ipsec-isakmp
 set peer xxx.xxx.xx.x
 set transform-set myset
 match address 110
!
!
!
!
interface FastEthernet0
 ip address xxx.xxx.xx.x 255.255.255.252
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 crypto map hscfinal
!
interface FastEthernet1
 ip address 192.168.2.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 no ip mroute-cache
 duplex auto
 speed auto
!
interface FastEthernet2
 shutdown
!
interface FastEthernet3
 shutdown
!
interface FastEthernet4
 shutdown
!
interface FastEthernet5
 shutdown
!
interface FastEthernet6
 shutdown
!
interface FastEthernet7
 shutdown
!
interface FastEthernet8
 shutdown
!
interface FastEthernet9
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
interface Async1
 no ip address
 encapsulation slip
!
ip route 0.0.0.0 0.0.0.0 Ext.ern.al.IP
ip route Int.ern.al.IP 255.255.255.0 Ext.ern.al.IP
!
!
no ip http server
no ip http secure-server
ip nat pool natmain xxx.xxx.xx.x xxx.xxx.xx.x netmask 255.255.255.252
ip nat inside source list 101 pool natmain overload
!
logging trap debugging
logging "IP of syslog server - Server is on seperate subnet"
access-list 30 permit xxx.xxx.xx.x 0.15.255.255
access-list 30 permit xxx.xxx.xx.x 0.0.7.255
access-list 101 deny   ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.2.0 0.0.0.255 any
access-list 109 permit ip 192.168.2.0 0.0.0.255 Int.ern.al.IP 0.0.0.255
access-list 109 permit ip 192.168.2.0 0.0.0.255 Int.ern.al.IP 0.0.0.255
access-list 109 permit ip 192.168.2.0 0.0.0.255 Int.ern.al.IP 0.0.0.255
access-list 109 permit ip Int.ern.al.IP 0.0.0.255 192.168.2.0 0.0.0.255
access-list 109 permit ip Int.ern.al.IP 0.0.0.255 192.168.2.0 0.0.0.255
access-list 109 permit ip Int.ern.al.IP 0.0.0.255 192.168.2.0 0.0.0.255
access-list 110 permit ip Int.ern.al.IP 0.0.0.255 192.168.2.0 0.0.0.255
access-list 110 permit ip 192.168.2.0 0.0.0.255 Int.ern.al.IP 0.0.0.255
snmp-server community private RW 30
snmp-server enable traps tty
!
!
!
!
!
!
control-plane
!
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 password 7 070C20451E080B04
 login
!
!
webvpn context Default_context
 ssl authenticate verify all
 !
 no inservice
!
end

Any questions, just ask.

Thanks in advance

Answer : Syslog Files from Cisco to Kiwi SysLog

http://www.spamcop.net/ may also have relevant services, could pull from the ISP then your clients pull from spamcop, uses your choice of emial in the "From" header etc.