Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

SysLog Server Question

Hi!

following guide, added and enabled syslog server on the same LAN:

  1. Installed Kiwi syslogServer on the PC (the same LAN, firewall on this PC is off, sending the test message locally OK)
  2. Added Syslog Server on the SonicWall

Event profile 0

Name or IP address (my local PC where Kiwi is installed)

Server type - Syslog Server

SyslogFormat - default

Syslog Facility - Local use 0

----------------------------------------------------------------------------------------------------

but have nothing on my Kiwi syslog server ...:-( - did I miss something?

Thanks!

Category: Secure Mobile Access Appliances
Reply

Best Answers

  • CORRECT ANSWER
    MustafaAMustafaA SonicWall Employee
    edited March 2023 Answer ✓

    Hey @Norsmith

    I believe you have two options. The first option is to route the internal traffic on the switch itself, which means the inter-VLAN traffic will not reach the firewall, but if they need to access the Internet still a static route will be required on the firewall. The second option is to route all the traffic through the firewall, which requires the configuration of virtual interfaces on the firewall and in this use case you don't need to have a static route on the firewall, as it will be aware of the the internal subnets via the virtual interfaces.

  • CORRECT ANSWER
    NorsmithNorsmith Newbie ✭
    Answer ✓

    Thanks, MUSTAFA, will try.

    Have a question about buying second Sonicwall, want to get one as a sandbox. Bought one on the E-bay, had to return. It was faulty device, each time when I tried to make a changes - had error message, don't remember exactly - something like "unknown error" , returned, got my money back, Beside it I couldn't register it because it was registered already. I have asked seller about it - he replied - I am just reseller, there is no any chance to contact to original owner....

    So - I see another offers, before to buy I asked about registration, Had the answer: "...they work and as i have listed not sure to much on any other info as of what software or how to find out..."

    IF the Sonicwall is registered, and if no chance to contact to previous owner - is it possible to re-register the device?

Answers

  • MustafaAMustafaA SonicWall Employee

    @Norsmith , make sure the Logging Level is set to Inform and you have Events enabled under the Categories and the Event Groups. Also you can use the Packet Monitor utility on the firewall to see the traffic flow to your Syslog Server. The default port is 514/UDP for the Syslog traffic.


  • NorsmithNorsmith Newbie ✭

    2MUSTAFAA 

    Thanks! Already found why :-)

    I haven't add the source IP (my sonicwall's IP) into the the Kiwi syslog server (inputs-->receive message from IP)

    as soon as added - started to get the messages. Thanks anyway! :-)

  • MustafaAMustafaA SonicWall Employee

    I am glad your issue is resolved @Norsmith

  • NorsmithNorsmith Newbie ✭
    edited March 2023
    Another question (building the LAN)
    I have a few CISCO switches (3750 L3 switches) connected to my SonicWall TZ270, can I program in SonicWall route the Cisco vlans? (Know how to do it in CISCO router but not in SonicWall)
    Thanks.
  • MustafaAMustafaA SonicWall Employee

    Hey @Norsmith , short answer is yes. You need to add static route(s) on your firewall. The following KB article may give you some more insight.


  • NorsmithNorsmith Newbie ✭
    Thanks a lot! Will try. In GUI Seems more complicated than just using Cisco commands, hope will get it :-) thanks again!
  • NorsmithNorsmith Newbie ✭

    Hi MUSTAFAA ,

    trying to set it Up don't have a luck yet, guess doing something wrong. To clarify - look the picture pls. I have SonicWall TZ270, CISCO 3750 (L3) switch. Have a several vlans on it. Need to have an access from lets say Vlan1 to Vlan2.

    The CISCO switch is sitting on X0 There are: Vlan1 - takes IP addresses from SonicWall, Vlan2 used DHCP on Cisco Switch (don't have an internet on it)

    So are you saying it possible and it has to be done via Policy/Rules and Policies/Routing Rules?


  • NorsmithNorsmith Newbie ✭

    Hi MUSTAFAA,

    First of all - thanks for the right direction - found, can setup vlans now working on cisco switches connected to my sonicwall.

    Didn't notice right away - found recently - that I can see from my Vlans other vlans... So could u tell where to look to isolate vilans from accessing from other vlans...


    Thanks

    have a great day.

  • MustafaAMustafaA SonicWall Employee

    @Norsmith , if you want to control the traffic between VLANs/Subnets you need to create Access Rules.

  • NorsmithNorsmith Newbie ✭
    Thanks Mustafaa, figured thanks u! :-)
    What about
  • NorsmithNorsmith Newbie ✭
    Keeping you busy, I'd like to ask regarding the HA.
    set it up, hope properly, looking on status, I see that "Settings Synchronized: Yes" and "Stateful HA Synchronized: No"
    Not sure if just to have a wait, or I am done something wrong?
    Secondly in the HIGH AVAILABILITY LICENCES section I see:
    Primary Stateful HA Licensed Yes
    Secondary Stateful HA Licensed: No
    When I bought the License, I was told that I need the the only One license (to apply it to primary) - so question - is it because not synchronized yet or I was wrong and had to buy 2 licenses?
    Thanks
  • BWCBWC Cybersecurity Overlord ✭✭✭

    @Norsmith to have the Secondary as Licensed as well it needs to be promoted to be active and you probably need to do a license sync. After that you can switch back to the Primary, but the license need to be loaded one time because these are not transferred from the Primary unit automatically.

    --Michael@BWC

  • NorsmithNorsmith Newbie ✭

    to BWC 

    Thanks, didn't notice that I had "restarting is required" warning. After that I got:

    Primary Stateful HA Licensed

    Yes

    Secondary Stateful HA Licensed

    Yes


    BTW - when I reboot the primary as it was required - I didn't lost my internet - the second one was Active.

    So now - I am fine - HA works perfectly -tested it. Another question regarding HA status, want to setup

    to send the report in case if the status is changed - is it the only one email address is acceptable?

    Tried multiple addresses using , or ; to separate the email addresses - it doesn't take more than one...


  • MustafaAMustafaA SonicWall Employee

    @Norsmith , if you would like to get instant email notification when there is a change in the Acitve-Standby, you'd better use the Alert option.

  • NorsmithNorsmith Newbie ✭

    Hi,

    Is it possible in my SonicWall270 to allow the DHCP lease just for the MAC Address listed devices? (I mean wired LAN)

    Thanks!

Sign In or Register to comment.