Created on 11-23-2020 03:24 AM Edited on 12-15-2021 11:09 PM By Anonymous
Description
This article describes how to connect to a syslog server over an IPsec VPN and send VPN logs to it.
Solution
Example setup: FGT1 -> IPsec VPN -> FGT2 -> syslog server.
In this scenario the logs are self-generated traffic from the FortiGate.
Hence the FortiGate will send them out of its least weighted interface.
There are two options to make this work, so that the FortiGate can reach syslog servers through IPsec tunnels.
Option 1)
Use a particular source IP in the syslog configuration on FGT1, so that the syslog traffic reaches FGT2 with that particular source address.
Related document:
https://docs.fortinet.com/document/fortigate/6.2.1/cli-reference/352620/log-syslogd-setting
# config log syslogd setting
    set source-ip x.x.x.x <----- Source IP address.
end
Option 2)
Assign an IP address to the VPN tunnel so that the FortiGate self-generated traffic will come with the tunnel IP address.
Related document:
https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/75456/configuring-tunnel-interfaces
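Both options on FGT1, followed by a check that the logs actually leave through the tunnel. This is an added example, not taken from the Fortinet documents linked above. The tunnel name "to-FGT2" and every address in it are constructed placeholders, and lines starting with # are comments.

```text
# Constructed values (replace with your own):
#   tunnel interface on FGT1 : to-FGT2
#   tunnel IPs               : 10.10.10.1 (FGT1), 10.10.10.2 (FGT2)
#   FGT1 LAN interface IP    : 10.1.1.1
#   syslog server behind FGT2: 192.0.2.10

# Common to both options: point FGT1 at the syslog server.
config log syslogd setting
    set status enable
    set server "192.0.2.10"
end

# Option 1: pin the source address to an IP that FGT1 owns.
# That address must be covered by the tunnel's phase 2 selectors
# and allowed by a firewall policy on FGT2.
config log syslogd setting
    set source-ip "10.1.1.1"
end

# Option 2: give the tunnel interface its own IP so that
# self-generated traffic leaves with the tunnel address.
# Some FortiOS releases take remote-ip without a netmask;
# check the CLI reference for your version.
config system interface
    edit "to-FGT2"
        set ip 10.10.10.1 255.255.255.255
        set remote-ip 10.10.10.2 255.255.255.255
    next
end

# Verification on FGT1: generate test log messages, then confirm
# the syslog packets go out on the tunnel interface with the
# expected source address (verbosity 4 prints the interface name).
diagnose log test
diagnose sniffer packet any 'host 192.0.2.10 and port 514' 4
```

If the sniffer shows the packets leaving a WAN interface instead of the tunnel, the logs are crossing the network outside the VPN and the source address or routing still needs correcting.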