We have a site-to-site VPN (Juniper to Cisco). The syslog server is behind the Cisco. However, I have reachability from host to host (private to private). As per my knowledge, if I run ping from the Juniper to the syslog server, it won't ping. In this scenario, how do I achieve logging to the external server?
Hi,
Are you using SRX Series devices for the Juniper end? If so, these will assist you.
https://www.juniper.net/documentation/en_US/junos-cc15.1/topics/reference/general/15.1x49-d60/handling-logs-to-external-server.html
https://www.juniper.net/documentation/en_US/junos-cc15.1/topics/reference/general/15.1x49-d60/appendix1.html
NetNet: You have to tell the SRX and the server they aren't local and how they need to communicate log files securely under most countries' security laws (CC, FIPS, etc.).
KR
Adam
You will need an interface IP address on the Juniper that is included across the VPN to reach the syslog server.
Once you have a valid address, you can test this using ping sourced from that interface:
ping 184.108.40.206 interface ge-0/0/0.0
and then also configure your syslog stanza to use that IP address as the source:
set system syslog source-address 220.127.116.11