I have some machines behind a firewall VLAN of <a href="http://10.0.240.0">10.0.240.0</a> sending logs to a Linux Syslog server on the <a href="http://10.0.230.0">10.0.230.0</a> network.<br>The 2 machines are <a href="http://10.0.240.71">
10.0.240.71</a> and <a href="http://10.0.240.72">10.0.240.72</a> and the Syslog server is <a href="http://10.0.230.222">10.0.230.222</a>.<br>They are Windows and I am using the Eventlog to Syslog utility from Purdue University (
<a href="https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys">https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys</a>) to convert the Windows event logs to Syslog.<br><br>Syslog is getting the information, however, any information from the 2 machines are coming in as 
<a href="http://10.0.230.1">10.0.230.1</a>.<br>-------<br>Sep 28 11:37:54 <a href="http://10.0.230.1">10.0.230.1</a> Service Control ....... &lt;---- This machine is actually <a href="http://10.0.240.71">10.0.240.71</a><br>
-------<br>Is there a way to get Syslog to read the correct IP information?&nbsp; or does Syslog simply not pass correct host information through a router?<br><br>thanks,<br>tom<br><br><br>