MSR Series
NAT Log configuration
Keywords: MSR; NAT; XLog
1. Customer requirements
MSR as the NAT gateway between the customer’s intranet and the internet, the customer wants the each NAT session generates one record that to be sent to a remote XLog server in a private format named NAT-Log which is not compatible with Syslog.
Devices list: 1 MSR router, 2 PC.
2. Topology
3. Active Configurations
MSR key configuration
#
// Enable the NAT log to be sent to the XLog server 10.153.43.106 at UDP port 9021 which is different with Syslog
userlog nat export host 10.153.43.106 9021
#
// The acl for NAT
acl number 2000
rule 0 permit source 10.153.43.0 0.0.0.255
#
// The interface connects to the Intranet
interface GigabitEthernet0/0
port link-mode route
ip address 10.153.43.112 255.255.255.0
#
// The interface connects to the Internet
interface GigabitEthernet0/1
port link-mode route
// Enable the traffic defined by ACL 2000 to be translated by NAT
nat outbound 2000
ip address 1.2.0.1 255.255.255.252
#
// Enable the NAT log function
nat log enable
// The NAT log will be created as well as the NAT session created
nat log flow-begin
// Insert the NAT log every 10 minutes when the NAT session alive
nat log flow-active 10
#
4. Some advice
1) NAT log function is not opened by default.
2) NAT log triggered by NAT is different from Syslog which controlled by Info-Center.
3) You must enable the NAT log function first.
4) You must enable the NAT log to be sent to a XLog server which differs from Syslog.
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作