Microsoft
Software
Hardware
Network
Question : Syslog Files from Cisco to Kiwi SysLog
I am trying to configure syslog from a Cisco router to a Windows server running Kiwi Syslog. The two devices are on separate subnets.
192.168.2.1 is the internal IP of the Cisco router that is to be logging to the syslog. I have been able to configure the Windows server behind the router to send log messages to the syslog server. I have also been able to configure other devices, from other subnets, to send messages to the syslog server.
Below is the configuration for the Cisco.
Current configuration : 3253 bytes
!
version 12.4
no parser cache
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Hostname
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$SG86$KQ4ZTUTqLCy8GJH5CL
15L0
!
no aaa new-model
!
resource policy
!
memory-size iomem 25
clock timezone EST -5
clock summer-time EDT recurring
no ip source-route
!
!
ip cef
ip dhcp ping packets 0
!
!
ip domain name mydomain.com
ip name-server xxx.xxx.xx.x
ip name-server xxx.xxx.xx.x
ip name-server xxx.xxx.xx.x
ip name-server xxx.xxx.xx.x
!
!
!
username "username1" password 7 002C4253200F5B355F0758
username "username2" password 7 051A355872580D2340
!
!
!
crypto isakmp policy 10
authentication pre-share
crypto isakmp key key address xxx.xxx.xx.x
crypto isakmp key key address xxx.xxx.xx.x
!
!
crypto ipsec transform-set myset esp-3des esp-md5-hmac
!
crypto map final 10 ipsec-isakmp
set peer xxx.xxx.xx.x
set transform-set myset
match address 109
crypto map final 20 ipsec-isakmp
set peer xxx.xxx.xx.x
set transform-set myset
match address 110
!
!
!
!
interface FastEthernet0
ip address xxx.xxx.xx.x 255.255.255.252
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map hscfinal
!
interface FastEthernet1
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip mroute-cache
duplex auto
speed auto
!
interface FastEthernet2
shutdown
!
interface FastEthernet3
shutdown
!
interface FastEthernet4
shutdown
!
interface FastEthernet5
shutdown
!
interface FastEthernet6
shutdown
!
interface FastEthernet7
shutdown
!
interface FastEthernet8
shutdown
!
interface FastEthernet9
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Async1
no ip address
encapsulation slip
!
ip route 0.0.0.0 0.0.0.0 Ext.ern.al.IP
ip route Int.ern.al.IP 255.255.255.0 Ext.ern.al.IP
!
!
no ip http server
no ip http secure-server
ip nat pool natmain xxx.xxx.xx.x xxx.xxx.xx.x netmask 255.255.255.252
ip nat inside source list 101 pool natmain overload
!
logging trap debugging
logging "IP of syslog server - Server is on seperate subnet"
access-list 30 permit xxx.xxx.xx.x 0.15.255.255
access-list 30 permit xxx.xxx.xx.x 0.0.7.255
access-list 101 deny ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.2.0 0.0.0.255 any
access-list 109 permit ip 192.168.2.0 0.0.0.255 Int.ern.al.IP 0.0.0.255
access-list 109 permit ip 192.168.2.0 0.0.0.255 Int.ern.al.IP 0.0.0.255
access-list 109 permit ip 192.168.2.0 0.0.0.255 Int.ern.al.IP 0.0.0.255
access-list 109 permit ip Int.ern.al.IP 0.0.0.255 192.168.2.0 0.0.0.255
access-list 109 permit ip Int.ern.al.IP 0.0.0.255 192.168.2.0 0.0.0.255
access-list 109 permit ip Int.ern.al.IP 0.0.0.255 192.168.2.0 0.0.0.255
access-list 110 permit ip Int.ern.al.IP 0.0.0.255 192.168.2.0 0.0.0.255
access-list 110 permit ip 192.168.2.0 0.0.0.255 Int.ern.al.IP 0.0.0.255
snmp-server community private RW 30
snmp-server enable traps tty
!
!
!
!
!
!
control-plane
!
!
line con 0
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
password 7 070C20451E080B04
login
!
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
Any questions, just ask.
Thanks in advance
Answer : Syslog Files from Cisco to Kiwi SysLog
http://www.spamcop.net/
may also have relevant services, could pull from the ISP then your clients pull from spamcop, uses your choice of emial in the "From" header etc.
Random Solutions
Desktop Dating Site - criminal activity - given new web privacy laws for such as Facebook
Remote Web Workplace different website address
stop error oxoooooo7b(OxF78D2524,OxC0
000034 will not load XP setup!!!!!!!
Sync Center and Moving Redirected Folder in SBS2008
How can I create a signature capture in iPhone SDK?
sysstat ntbackup problem "Registry Writer" has reported an error 0x800423f1
EtherChannel on Cisco 2960 switch intermittent dropped packet
What's the meaning of "meta:resourcekey="some_va
lue""?
asp.net + modal popup
PHP SESSION id IN QUERY STRING