SysLog Server Question

Hi!
following guide, added and enabled syslog server on the same LAN:
- Installed Kiwi syslogServer on the PC (the same LAN, firewall on this PC is off, sending the test message locally OK)
- Added Syslog Server on the SonicWall
Event profile 0
Name or IP address (my local PC where Kiwi is installed)
Server type - Syslog Server
SyslogFormat - default
Syslog Facility - Local use 0
----------------------------------------------------------------------------------------------------
but have nothing on my Kiwi syslog server ...:-( - did I miss something?
Thanks!
Best Answers
-
MustafaA SonicWall Employee
Hey @Norsmith
I believe you have two options. The first option is to route the internal traffic on the switch itself, which means the inter-VLAN traffic will not reach the firewall, but if they need to access the Internet still a static route will be required on the firewall. The second option is to route all the traffic through the firewall, which requires the configuration of virtual interfaces on the firewall and in this use case you don't need to have a static route on the firewall, as it will be aware of the the internal subnets via the virtual interfaces.
0 -
Norsmith Newbie ✭
Thanks, MUSTAFA, will try.
Have a question about buying second Sonicwall, want to get one as a sandbox. Bought one on the E-bay, had to return. It was faulty device, each time when I tried to make a changes - had error message, don't remember exactly - something like "unknown error" , returned, got my money back, Beside it I couldn't register it because it was registered already. I have asked seller about it - he replied - I am just reseller, there is no any chance to contact to original owner....
So - I see another offers, before to buy I asked about registration, Had the answer: "...they work and as i have listed not sure to much on any other info as of what software or how to find out..."
IF the Sonicwall is registered, and if no chance to contact to previous owner - is it possible to re-register the device?
0
Answers
@Norsmith , make sure the Logging Level is set to Inform and you have Events enabled under the Categories and the Event Groups. Also you can use the Packet Monitor utility on the firewall to see the traffic flow to your Syslog Server. The default port is 514/UDP for the Syslog traffic.
2MUSTAFAA
Thanks! Already found why :-)
I haven't add the source IP (my sonicwall's IP) into the the Kiwi syslog server (inputs-->receive message from IP)
as soon as added - started to get the messages. Thanks anyway! :-)
I am glad your issue is resolved @Norsmith
I have a few CISCO switches (3750 L3 switches) connected to my SonicWall TZ270, can I program in SonicWall route the Cisco vlans? (Know how to do it in CISCO router but not in SonicWall)
Thanks.
Hey @Norsmith , short answer is yes. You need to add static route(s) on your firewall. The following KB article may give you some more insight.
Hi MUSTAFAA ,
trying to set it Up don't have a luck yet, guess doing something wrong. To clarify - look the picture pls. I have SonicWall TZ270, CISCO 3750 (L3) switch. Have a several vlans on it. Need to have an access from lets say Vlan1 to Vlan2.
The CISCO switch is sitting on X0 There are: Vlan1 - takes IP addresses from SonicWall, Vlan2 used DHCP on Cisco Switch (don't have an internet on it)
So are you saying it possible and it has to be done via Policy/Rules and Policies/Routing Rules?
@Norsmith , you will find your answers in the following KB article.