JimPletcher
Premium
join:2004-04-05
Enola, PA
| Trouble getting SysLog from 645R
Setup 645R to deliver SysLogs to local PC using instructions from Link Logger at
»www.linklogger.com/prestige_netg···etup.htm.
Logs are not reaching the local PC (as checked with Link Logger & Syslog sniffer.
Have tried with Windows XP, & Win98
Is there any way to check the setup? |
|
bbarrera
Premium,MVM
join:2000-10-23
Sacramento, CA
clubs: | Software firewalls can get in the way. Assuming your PC has IP = 192.168.1.100 you may want to try configuring Zyxel syslog to use 192.168.1.100 instead of 192.168.1.255. |
|
JimPletcher
Premium
join:2004-04-05
Enola, PA | Thanks, bbarrera, for the response.
With the software firewall both on and off, I have tried pointing Zyxel directly to the local IP address(es)of two different PCs and broadcasting via x.x.x.255.
Zyxel firmware 3.40 |
|
bbarrera
Premium,MVM
join:2000-10-23
Sacramento, CA
clubs:
 ·SureWest Internet
| With ZoneAlarm you should specifically allow UDP 514 traffic. With previous versions of ZoneAlarm I've had to explicitly allow traffic even with ZoneAlarm firewall turned off. The TruVector service is still running even when ZoneAlarm is turned off (unless you disable on boot and then reboot). |
|
JimPletcher
Premium
join:2004-04-05
Enola, PA | bbarrera,
I didn't know that.
But, it's not the software firewall because:
1.) I just disabled on boot and rebooted the WinXP, and
2.) The Win98 PC doesn't have a software firewall (now)
Still no logs. |
|
Rizal7
Best Cheater Wins
join:2001-02-21
Norway
| reply to JimPletcher
First please post your rules, ie menu 21 and where you have activated them, menu 11.5 and 3.1, so somebody here can double check them.
Secondly show how you have setup the syslog server.
Third run the embedded packet sniffer on the P645R and check if any syslog packets are actually leaving the P645R.
»www.zyxel.com/support/supportnot···race.htm
Rizal
--
Without Turing, I'd either be out of a job, or working for the Nazis.-- an IT Technician |
|
JimPletcher
Premium
join:2004-04-05
Enola, PA
| Thanks Rizal,
The embedded packet sniffer displayed online traces for both LAN & Wan packets.
Concerning the rules:
I hope this method of posting a screen shot is acceptable, I have a lot to learn about using this forum.
Concerning the syslog server:
If you mean the PC(s)to display the syslog, they are a WinXP Pro PC and a Win98 PC, both with Link Logger and the LinkLogger syslog sniffer. The software firewall has been temporarily removed from the Win98 PC |
|
JimPletcher
Premium
join:2004-04-05
Enola, PA
| My apologies, I should have added these rule descriptions. |
|
jbibe
Premium,MVM
join:2001-02-22
| Your menu 11.5 figure shows that filter set 11 follows filter set 1. Did you modify the last rule in filter set 1 to change "Not Matched=Forward" to "Not Matched=Check Next Rule"?
Do you have the correct version of Link Logger? I am not familiar with the 645R.
Did you set filter set 11 as Input and filter set 12 as Output in Link Logger?
Does Link Logger show any messages along the bottom edge of its display? |
|
JimPletcher
Premium
join:2004-04-05
Enola, PA
| Thanks jbibe!
I temporarily removed filter set 1, still no log.
I downloaded the "Prestige" version of Link Logger, which SEEMS to be the right one - and Blake McNeill of LinkLogger thinks it should work. The 645 is the basic router provided by Sprint, Earthlink, Verizon & a few others in this area.
Filter set 11 & 12 are input & ooutput respectively in Link Logger.
The only (visual) activity in Link Logger is the running clock at the bottom. Otherwise - everything is static.
Aparently, the 645 is generating log traffic, but neither of the two PCs are able to pick it up. My knowledge of Linux is too weak to try an available Linux machine.
Does anyone know of another way to capture the Syslog on a Windows PC? Even if it's just for testing! |
|
