SysLog Server Question
Norsmith
Newbie ✭
Hi!
following guide, added and enabled syslog server on the same LAN:
- Installed Kiwi syslogServer on the PC (the same LAN, firewall on this PC is off, sending the test message locally OK)
- Added Syslog Server on the SonicWall
Event profile 0
Name or IP address (my local PC where Kiwi is installed)
Server type - Syslog Server
SyslogFormat - default
Syslog Facility - Local use 0
----------------------------------------------------------------------------------------------------
but have nothing on my Kiwi syslog server ...:-( - did I miss something?
Thanks!
Best Answers
-
CORRECT ANSWER
MustafaA
SonicWall Employee
Hey @Norsmith
I believe you have two options. The first option is to route the internal traffic on the switch itself, which means the inter-VLAN traffic will not reach the firewall, but if they need to access the Internet still a static route will be required on the firewall. The second option is to route all the traffic through the firewall, which requires the configuration of virtual interfaces on the firewall and in this use case you don't need to have a static route on the firewall, as it will be aware of the the internal subnets via the virtual interfaces.
0 -
CORRECT ANSWERNorsmith
Newbie ✭
Thanks, MUSTAFA, will try.
Have a question about buying second Sonicwall, want to get one as a sandbox. Bought one on the E-bay, had to return. It was faulty device, each time when I tried to make a changes - had error message, don't remember exactly - something like "unknown error" , returned, got my money back, Beside it I couldn't register it because it was registered already. I have asked seller about it - he replied - I am just reseller, there is no any chance to contact to original owner....
So - I see another offers, before to buy I asked about registration, Had the answer: "...they work and as i have listed not sure to much on any other info as of what software or how to find out..."
IF the Sonicwall is registered, and if no chance to contact to previous owner - is it possible to re-register the device?
0
Answers
@Norsmith , make sure the Logging Level is set to Inform and you have Events enabled under the Categories and the Event Groups. Also you can use the Packet Monitor utility on the firewall to see the traffic flow to your Syslog Server. The default port is 514/UDP for the Syslog traffic.
2MUSTAFAA
Thanks! Already found why :-)
I haven't add the source IP (my sonicwall's IP) into the the Kiwi syslog server (inputs-->receive message from IP)
as soon as added - started to get the messages. Thanks anyway! :-)
I am glad your issue is resolved @Norsmith
I have a few CISCO switches (3750 L3 switches) connected to my SonicWall TZ270, can I program in SonicWall route the Cisco vlans? (Know how to do it in CISCO router but not in SonicWall)
Thanks.
Hey @Norsmith , short answer is yes. You need to add static route(s) on your firewall. The following KB article may give you some more insight.
Hi MUSTAFAA ,
trying to set it Up don't have a luck yet, guess doing something wrong. To clarify - look the picture pls. I have SonicWall TZ270, CISCO 3750 (L3) switch. Have a several vlans on it. Need to have an access from lets say Vlan1 to Vlan2.
The CISCO switch is sitting on X0 There are: Vlan1 - takes IP addresses from SonicWall, Vlan2 used DHCP on Cisco Switch (don't have an internet on it)
So are you saying it possible and it has to be done via Policy/Rules and Policies/Routing Rules?
@Norsmith , you will find your answers in the following KB article.
Hi MUSTAFAA,
First of all - thanks for the right direction - found, can setup vlans now working on cisco switches connected to my sonicwall.
Didn't notice right away - found recently - that I can see from my Vlans other vlans... So could u tell where to look to isolate vilans from accessing from other vlans...
Thanks
have a great day.
@Norsmith , if you want to control the traffic between VLANs/Subnets you need to create Access Rules.
What about
set it up, hope properly, looking on status, I see that "Settings Synchronized: Yes" and "Stateful HA Synchronized: No"
Not sure if just to have a wait, or I am done something wrong?
Secondly in the HIGH AVAILABILITY LICENCES section I see:
Primary Stateful HA Licensed Yes
Secondary Stateful HA Licensed: No
When I bought the License, I was told that I need the the only One license (to apply it to primary) - so question - is it because not synchronized yet or I was wrong and had to buy 2 licenses?
Thanks
@Norsmith to have the Secondary as Licensed as well it needs to be promoted to be active and you probably need to do a license sync. After that you can switch back to the Primary, but the license need to be loaded one time because these are not transferred from the Primary unit automatically.
--Michael@BWC
to BWC
Thanks, didn't notice that I had "restarting is required" warning. After that I got:
Primary Stateful HA Licensed
Yes
Secondary Stateful HA Licensed
Yes
BTW - when I reboot the primary as it was required - I didn't lost my internet - the second one was Active.
So now - I am fine - HA works perfectly -tested it. Another question regarding HA status, want to setup
to send the report in case if the status is changed - is it the only one email address is acceptable?
Tried multiple addresses using , or ; to separate the email addresses - it doesn't take more than one...
@Norsmith , if you would like to get instant email notification when there is a change in the Acitve-Standby, you'd better use the Alert option.
Hi,
Is it possible in my SonicWall270 to allow the DHCP lease just for the MAC Address listed devices? (I mean wired LAN)
Thanks!