SRX

Expand all | Collapse all

How Syslog works in VPN

Jump to Best Answer
  • 1.  How Syslog works in VPN

    Posted 01-07-2020 08:49

    Dear Team,

     

    We have Site-to-site VPN (Juniper to Cisco).Syslog server is behind the Cisco.Howerver I have the reachability from host to host(private to private).As per my knowledge ,if i run ping from Juniper to syslog server ,it won't ping.In this scenario how to achive logging to external server.



  • 2.  RE: How Syslog works in VPN

    Posted 01-07-2020 09:02

    Hi,

    Are you using SRX Series devices for the Juniper End? If so these will assist you.
    https://www.juniper.net/documentation/en_US/junos-cc15.1/topics/reference/general/15.1x49-d60/handling-logs-to-external-server.html

     

    https://www.juniper.net/documentation/en_US/junos-cc15.1/topics/reference/general/15.1x49-d60/appendix1.html

    NetNet: You have to tell the SRX and the Server they arent local and how they need to communicate log files securely under most countries secuiry laws (CC FIPS etc).

    KR
    Adam



  • 3.  RE: How Syslog works in VPN
    Best Answer

     
    Posted 01-07-2020 16:49

    You will need an interface ip address on the Juniper that is included across the vpn to reach the syslog server.

     

    Once you have a valid address you can test this using ping sourced from that interface

    ping 1.1.1.1 interface ge-0/0/0.0

     

    and then also configure your syslog stanza to use that ip address as the source

    set system syslog source-address 2.2.2.2