[syslog-ng] Host behind a NAT and multiple log files
Balazs Scheidler
bazsi77 at gmail.com
Tue Feb 5 21:44:20 CET 2013
----- Original message -----
> Hi everyone
>
> I've recently configured a syslog's server using syslog-ng and i have an
> issue to log from hosts that are outside my network in some place on
> internet.
> This is the thing, i have a few APs and a pfsense firewall/router. Each
> AP can log to a remote syslog server with a specific port.
> In my syslog server i add a new source, filter, destination and target
> and in pfsense box i create the rule to let pass trafic to the internal
> ap's IP.
> But the problem comes when i do the same for another AP, i configure
> another port but the syslog server doesn' t log.
>
> There is a way to log from remote multiple hosts that are behind just
> one public IP?
yeah, sure there is. if the syslog connection is initiated from behind the nat box, it should work just fine.
your email misses some important information to judge what could go wrong. are you using udp or tcp?
on the syslog server, one port should be enough, network wise, unless you are using the incoming port as the basis for filtering in your syslog-ng config.
the best way to approach this problem is to check whether the packets of the 2nd ap make it to the syslog server. you can use tcpdump for this purpose. once you know they do, things should get simple to figure out.
>
> Thanks in advance and sorry for my english.
no need to apologize, your English is great, and I'm not a native speaker either. I guess communication in Hungarian (my native language) would be more cumbersome.
Cheers,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20130205/77f9faa4/attachment.htm
More information about the syslog-ng
mailing list