Syslog: Sending logs to server on a subnet other than the LAN
-
I haven't seen anything in the docs or forum that says that syslog only sends on the LAN interface and subnet, but I kind of gather that this might be the case. Can someone verify?
I am trying to send syslogs from my pfSense box that hosts a LAN subnet of 192.168.1.X/24 and sending it to a syslog server with an IP of 192.168.0.15/24. The 192.168.0.X/24 network is reachable via the OPT interface (and a static route to another router). When I set up the server address as the destination for pfSense syslog data, nothing is delivered. Also, a tcpdump on both the LAN and OPT interfaces shows no syslog messages originating on port 514 from the pfSense box.
I DO see messages when I set up pfSense to send to an address on the LAN subnet.
My question is, should pfSense be able to send syslog to a subnet on an interface other than the LAN? Do I need to set up a syslog forwarder on the LAN subnet to forward to the OPT subnet.
-
It can send them anywhere. I have some that send to something behind a different router, some that log over IPsec, some over OpenVPN, if the firewall can communicate with that host it can log to it.