MSR Series
NAT Syslog configuration
Keywords: MSR; NAT; Syslog; Loghost
1. Customer requirements
MSR as the NAT gateway between the customer’s intranet and the internet, the customer wants the each NAT session generates one record that to be inserted into the syslog and sent to a remote loghost.
Devices list: 1 MSR router, 2 PC.
2. Topology
3. Active Configurations
MSR key configuration
#
// Specify the remote loghost’s ip address which use the UDP port 514
info-center loghost 10.153.43.106
#
// Enable the NAT log to be inserted into the Syslog
userlog nat syslog
#
// The acl for NAT
acl number 2000
rule 0 permit source 10.153.43.0 0.0.0.255
#
// The interface connects to the Intranet
interface GigabitEthernet0/0
port link-mode route
ip address 10.153.43.112 255.255.255.0
#
// The interface connects to the Internet
interface GigabitEthernet0/1
port link-mode route
// Enable the traffic defined by ACL 2000 to be translated by NAT
nat outbound 2000
ip address 1.2.0.1 255.255.255.252
#
// Enable the NAT log function
nat log enable
// The NAT log will be created as well as the NAT session created
nat log flow-begin
// Insert the NAT log every 10 minutes when the NAT session alive
nat log flow-active 10
#
4. Some advice
1) NAT log function is not opened by default.
2) NAT log triggered by NAT is different from Syslog which controlled by Info-Center.
3) You must enable the NAT log function first.
4) You must enable the NAT log to be inserted to Syslog.
5) When you configure a remote syslog loghost the Syslog which contains the NAT log will be sent to the remote loghost.
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作