Syslog traffic from a Radware Load Balancing device does not appear to pass through the firewall
|Article:TECH80922|||||Created: 2003-01-25|||||Updated: 2007-01-09|||||Article URL http://www.symantec.com/docs/TECH80922|
You are trying to pass syslog traffic from your Radware device through the firewall. The syslog traffic does not pass through, nor appear to be logged by the firewall.
radware, 514, syslog, ports, destination,
This problem is caused by the Radware syslog program using a set source port of 514/UDP instead of an ephemeral port.
To pass Radware syslog traffic:
- Connect your Symantec Raptor Management Console (SRMC) to your firewall.
- In the left pane, expand Base Components.
- Right-click Protocols and choose New > Protocol.
- On the General tab, check Display in Rule Window and use a Base Protocol of UDP.
- On the TCP/UDP Port Ranges tab, type in a source and destination port of 514.
- Create a redirect, using the protocol that you created in step three, to redirect traffic into the syslog server.
- Using the protocol, create a rule to allow the firewall to pass the traffic to the syslog server.
Article URL http://www.symantec.com/docs/TECH80922