FortiGate
ereddy
Staff
Article Id 195284

Description
This article describes how to connect to a syslog server over an IPsec VPN and send VPN logs to it.

Solution
Example setup for the syslog server: FGT1 -> IPsec VPN -> FGT2 -> syslog server.

In this scenario the logs are self-generated traffic, so the FortiGate will send them using the least weighted interface.


There are therefore two options to make this work, so that the FortiGate can reach the syslog server through the IPsec tunnel.


Option 1)

Use a particular source IP in the syslog configuration on FGT1, so that the syslog traffic reaches FGT2 with that particular source address.


Related document:
https://docs.fortinet.com/document/fortigate/6.2.1/cli-reference/352620/log-syslogd-setting

# config log syslogd setting
    set source-ip x.x.x.x    <----- IP address.
end

Option 2)

Assign an IP address to the VPN tunnel so that the FortiGate self-generated traffic will come with the tunnel IP address.

Related document:
https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/75456/configuring-tunnel-interfaces
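
A sketch of Option 2 on FGT1, added here as an example and not taken from the original article, followed by a check that the syslog packets leave with the tunnel address as their source. The tunnel interface name to-FGT2 and the 10.255.0.x addresses are constructed placeholders, the remote-ip line assumes a FortiOS release that expects a netmask (older releases take the address alone), and the sniffer filter assumes syslog on the default UDP port 514.

```fortios
# config system interface
    edit "to-FGT2"                                  <----- hypothetical name of the IPsec tunnel interface
        set ip 10.255.0.1 255.255.255.255           <----- constructed tunnel IP on FGT1 (assumption)
        set remote-ip 10.255.0.2 255.255.255.255    <----- constructed tunnel IP on FGT2 (assumption)
    next
end

# diagnose sniffer packet any "udp port 514" 4      <----- syslog packets should show source 10.255.0.1 on to-FGT2
```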
