Send router logs to a syslog server

A log: maybe this term means trashy files, useless information and … to you. Maybe you're right, but sometimes one line, or even one word, of a log can help you resolve your problem, so I think logs are necessary items for troubleshooting!

In this project, we have 3 clients in a simple network, and we want to control incoming and outgoing traffic and also send logs to a syslog server.
I'll use TFTPD32 as the syslog server, since it's very simple and suitable for small projects, and I'll use GNS3 to simulate my network.
Our goals are as follows:

  1. Run RIP protocol.
  2. Control ICMP protocol between our clients.
  3. Send logs to our syslog server.

The network devices we'll use in this project are as follows:

  1. Two Cisco 7200 series routers.
  2. Two Ethernet switches.
  3. Three clients.
  4. A cloud for sending logs to the syslog server.

Our network topology looks like the figure below:
 
 

In the first step, we configure our clients and assign an IP address to each of them:
Client1: IP Address (192.168.1.1) Gateway (192.168.1.254)
Client2: IP Address (192.168.3.1) Gateway (192.168.3.254)
Client3: IP Address (192.168.3.2) Gateway (192.168.3.254)

Step 2: we must connect our cloud to a physical NIC. I have a virtual NIC on my Windows machine that was created by VirtualBox; I used it, and it's connected to my cloud.

Step 3: router 1 (R1) must be configured, so we need to assign an IP address to each interface:

R1>en
R1#conf t
R1(config)#int f2/0
R1(config-if)#ip add 192.168.56.2 255.255.255.0
R1(config-if)#no shut
R1(config-if)#int f1/1
R1(config-if)#ip add 192.168.1.254 255.255.255.0
R1(config-if)#no shut
R1(config-if)#int f1/0
R1(config-if)#ip add 192.168.2.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#exit

Step 4: our other router also needs to be configured, so:

R2>en
R2#conf t
R2(config)#no logg cons
R2(config)#int f1/0
R2(config-if)#ip add 192.168.2.2 255.255.255.0
R2(config-if)#no shut
R2(config-if)#int f1/1
R2(config-if)#ip add 192.168.3.254 255.255.255.0
R2(config-if)#no shut
R2(config-if)#exit

Step 5: connectivity. Our subnets must be connected together, so we'll use the RIP protocol:
R1(config)#router rip
R1(config-router)#ver 2
R1(config-router)#net 192.168.3.0
R1(config-router)#net 192.168.2.0
R1(config-router)#net 192.168.1.0
R1(config-router)#net 192.168.56.0
R1(config-router)#exit

R2(config)#router rip
R2(config-router)#ver 2
R2(config-router)#net 192.168.1.0
R2(config-router)#net 192.168.2.0
R2(config-router)#net 192.168.3.0
R2(config-router)#net 192.168.56.0
R2(config-router)#exit

Step 6: define the syslog server on the routers:

R1(config)#logging on
R1(config)#logging host 192.168.56.1

R2(config)#logging on
R2(config)#logging host 192.168.56.1

Step 7: we need ACLs to control the routers' traffic:

R1(config)#access-list 100 permit icmp host 192.168.1.1 host 192.168.3.1 echo log
R1(config)#access-list 100 permit icmp host 192.168.3.1 host 192.168.1.1 echo-reply log
R1(config)#access-list 100 permit icmp host 192.168.3.1 host 192.168.1.1 echo log
R1(config)#access-list 100 permit icmp host 192.168.1.1 host 192.168.3.1 echo-reply log

Note: We wrote 4 lines:

  1. Line 1: Every packet whose sender is 192.168.1.1, whose receiver is 192.168.3.1 and whose ICMP message is “Echo” will be allowed to leave.
  2. Line 2: Every packet whose sender is 192.168.3.1, whose receiver is 192.168.1.1 and whose ICMP message is “Echo Reply” will be allowed to leave.
  3. Line 3: Every packet whose sender is 192.168.3.1, whose receiver is 192.168.1.1 and whose ICMP message is “Echo” will be allowed to leave.
  4. Line 4: Every packet whose sender is 192.168.1.1, whose receiver is 192.168.3.1 and whose ICMP message is “Echo Reply” will be allowed to leave.
  5. We used the “log” keyword; it causes the router to send a log message to the syslog server for packets that match the entry.

Finally, the access list must be assigned to an interface:
R1(config)#int f1/1
R1(config-if)#ip access-group 100 out
 
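When we ping client2 from client1 we get a reply, and when we ping client1 from client2 we also get a reply, but when we ping client3 we get a timeout, because no entry in access list 100 permits client3's traffic and the implicit deny at the end of the list drops it.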
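
On the syslog server, each match on an entry carrying the “log” keyword arrives as a %SEC-6-IPACCESSLOGDP message. The following added example (not part of the original post) parses such messages and totals packets per flow; the sample datagrams are constructed, and the names parse and summarize are this example's own.

```python
import re
from collections import Counter

# Constructed sample datagrams, shaped like what IOS sends to UDP/514
# (sequence numbers and timestamps are made up). Only 192.168.3.1 -> 192.168.1.1
# appears because list 100 is applied outbound on f1/1, toward client1.
# IOS logs the first match at once and later matches as periodic summaries,
# hence packet counts above 1.
SAMPLE = [
    "<190>41: *Mar  1 00:12:03.115: %SEC-6-IPACCESSLOGDP: list 100 permitted icmp 192.168.3.1 -> 192.168.1.1 (0/0), 1 packet",
    "<190>42: *Mar  1 00:14:47.902: %SEC-6-IPACCESSLOGDP: list 100 permitted icmp 192.168.3.1 -> 192.168.1.1 (8/0), 1 packet",
    "<190>43: *Mar  1 00:17:03.120: %SEC-6-IPACCESSLOGDP: list 100 permitted icmp 192.168.3.1 -> 192.168.1.1 (0/0), 4 packets",
    "<189>44: *Mar  1 00:18:10.004: %SYS-5-CONFIG_I: Configured from console by console",
]

PRI = re.compile(r"^<(\d{1,3})>")
ACL_HIT = re.compile(
    r"%SEC-6-IPACCESSLOGDP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\S+) (?P<src>[\d.]+) -> (?P<dst>[\d.]+) "
    r"\((?P<type>\d+)/(?P<code>\d+)\), (?P<count>\d+) packets?"
)
ICMP_TYPES = {0: "echo-reply", 8: "echo"}

def parse(line):
    """Return a dict for an ACL ICMP hit, or None for any other message."""
    pri, hit = PRI.match(line), ACL_HIT.search(line)
    if not pri or not hit:
        return None
    rec = hit.groupdict()
    # Syslog PRI = facility * 8 + severity (190 -> local7, informational).
    rec["facility"], rec["severity"] = divmod(int(pri.group(1)), 8)
    rec["icmp"] = ICMP_TYPES.get(int(rec["type"]), "type-" + rec["type"])
    rec["count"] = int(rec["count"])
    return rec

def summarize(lines):
    """Total packets per (action, src, dst, ICMP message)."""
    totals = Counter()
    for rec in filter(None, map(parse, lines)):
        totals[(rec["action"], rec["src"], rec["dst"], rec["icmp"])] += rec["count"]
    return totals

if __name__ == "__main__":
    for key, packets in sorted(summarize(SAMPLE).items()):
        print(*key, packets)
```

Packets dropped by the implicit deny at the end of access list 100 are not logged, so client3's timeouts leave no trace on the syslog server; recording them would take an explicit deny entry with the “log” keyword.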
 
You can download project files from the below links:


Davoud Teimouri

Davoud Teimouri is a professional blogger, vExpert 2015/2016/2017/2018/2019, VCA, MCITP. This blog started with simple posts and now has a large following of readers.
