Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Remote syslog to multiple servers

    General pfSense Questions
    1
    1
    374
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jeffhammett
      last edited by

      I have my pfSense setup to send Syslog to a remote server on the same LAN. The server receives the syslog and everything is working as expected.

      I added a second remote server to the Syslog settings, this server is located across an IPSEC tunnel. The tunnel is up and functioning and has wide open firewall rules to allow all traffic. But the second syslog server is not receiving any syslog from the pfSense (verified with tcpdump)

      When I do a packet capture on my pfSense limited to port 514 I see the syslog being sent to the remote server on the LAN, but nothing being sent to the second remote syslog server across the IPSEC tunnel.

      I verified that the <syslog>portion of /cf/conf/config.xml contains entries for both IP addresses.

      Any thoughts on what to check next to try to get the remote syslog to the second server?

      edit: i think I found my answer https://doc.pfsense.org/index.php/Why_can't_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN</syslog>

      1 Reply Last reply Reply Quote 0
      • First post
        Last post