SRX


Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Passing syslog traffic to syslog server over VPN

    Posted 04-21-2025 10:45

    I'm trying to configure syslog traffic to a syslog server at a different location over a VPN connection.

    I can see that the syslog traffic is being generated on ge-0/0/0.1 (the Untrust zone on my firewall).
    How can I set it up so the syslog traffic is on the trusted zone interface irb.0?
        log {
            stream syslog-server {
                format sd-syslog;
                category all;
                host {
                    10.10.10.10;    # redacted
                    port 9500;      # port requested by the syslog server
                }
                transport {
                    protocol udp;
                }
                source-address 11.11.11.11;    # redacted
            }
        }



    ------------------------------
    LUIZ CASTILHO
    ------------------------------


  • 2.  RE: Passing syslog traffic to syslog server over VPN

    Posted 30 days ago

    For the traffic to use the VPN connection, the source and destination addresses have to be set up as allowed by the VPN configuration.

    And the routing on both sides of the tunnel also has to select the tunnel as the destination for that traffic.

    Is your VPN a policy-based or route-based tunnel? And is the flow set up to use this path?

    If it is a route-based VPN, is the return route to the SRX source IP address set up on the other side of the tunnel?

    Is the security policy in place to permit the traffic on both sides of the tunnel?



    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------
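
The selector and routing checks from the reply above, worked through as an added example (not code from either poster or from Juniper). It assumes a route-based tunnel on st0.0; the selector pair, route tables and the irb.0 address 192.168.1.1 are constructed values, and the security-policy check is not modelled.

```python
import ipaddress as ip

# Constructed sample data (assumptions, not taken from the thread).
SELECTORS = [("192.168.1.0/24", "10.10.10.0/24")]       # (local, remote)
LOCAL_ROUTES = [("0.0.0.0/0", "ge-0/0/0.1"), ("10.10.10.0/24", "st0.0")]
REMOTE_ROUTES = [("0.0.0.0/0", "ge-0/0/0.0"), ("192.168.1.0/24", "st0.0")]
COLLECTOR = "10.10.10.10"                                # redacted value from the post
TUNNEL_IF = "st0.0"                                      # assumed tunnel interface

def lookup(routes, dst):
    """Longest-prefix match; return the egress interface or None."""
    dst = ip.ip_address(dst)
    hits = [(ip.ip_network(p), ifc) for p, ifc in routes
            if dst in ip.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def selector_allows(selectors, src, dst):
    """True if one (local, remote) selector pair covers both addresses."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    return any(s in ip.ip_network(loc) and d in ip.ip_network(rem)
               for loc, rem in selectors)

def diagnose(src, dst=COLLECTOR):
    """List the checks that fail for a log flow src -> dst."""
    problems = []
    if not selector_allows(SELECTORS, src, dst):
        problems.append("addresses not allowed by the VPN configuration")
    if lookup(LOCAL_ROUTES, dst) != TUNNEL_IF:
        problems.append("local route to the collector does not use the tunnel")
    if lookup(REMOTE_ROUTES, src) != TUNNEL_IF:
        problems.append("remote side has no return route through the tunnel")
    return problems

if __name__ == "__main__":
    # 11.11.11.11 is the (redacted) source-address from the original post;
    # 192.168.1.1 stands in for the irb.0 address.
    for source in ("11.11.11.11", "192.168.1.1"):
        print(source, diagnose(source) or "ok")
```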