Lab 3-12 – Configure logging to a Remote SYSLog Server

In this lab you will learn how to configure a Cisco IOS Router and/or Switch to log all system message to a remote SYSLog Server.

Real World Application

In production networks routers moan and groan every minute theoretically speaking. Interfaces going up and down, ACL hit counts incrementing, configuration changes and etc… From an administrative standpoint one needs to track all the messages that the devices generate, these are known as system log messages. Of course one would never log each device to its self as this would be an administrative disaster to have to pull logs from every single device in the network. Most companies that have a full time engineer would no doubtingly place a SYSLog server in the network to collect all the messages generated by Cisco devices.


After all why check tens, hundreds if not thousands of devices for local log messages when you can check a single server for log messages of every device in the network?

Lab Prerequisites

  • If you are using GNS3 than load the Stub Area Networking GNS3 topology than start devices; R1.
  • Establish a console session with devices R1 than configure the devices respected hostname(s).
  • If you’re using GNS3 you’ll need to delete the link connecting to R1′s FastEthernet0/0 and configure a Cloud interface linking to R1′s FastEthernet0/0 interface. For reference of this configuration refer to Lab 1-8 – Home / Configuring a GNS3 Ethernet NIO Cloud
    Configuring a GNS3 Ethernet NIO Cloud
  • For testing purposes, download Solarwinds Kiwi SYSLog Server which can be found HERE

Lab Objectives

  • Configure R1 to enable logging towards the host IP address assigned to your Cloud 1 Adapter.
  • Configure the logging option to log level 7 (Debugging) messages and lower.
  • Generate some SYSLog messages by debugging IP Packet and ping the Cloud’s interface IP.
  • Verify the SYSLog messages are correctly sent to the Kiwi SYSLog Server.

Lab Instruction

Step 1. – Configure R1 to enable logging towards the host IP address assigned to your Cloud 1 Adapter. To complete this objective you will use the logging host x.x.x.x command whereas x.x.x.x is the IP address of the SYSLog Server as shown below;

R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#logging host 192.168.2.3

Step 2. – Configure the logging option to log level 7 (Debugging) messages and lower. To complete this task you will use the logging trap command followed by the level highest level you wish to log (1-7)

R1(config)#logging trap 7
R1(config)#end
R1#
%SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.2.3 port 514 started
 - CLI initiated
R1#

Step 3. – Generate some manual SYSLog messages by debugging IP Packet and ping the Cloud’s interface IP.

R1#debug ip icmp
ICMP packet debugging is on
R1#ping 192.168.255.10

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/24/100 ms
R1#
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
R1#


Step 4. – Verify the SYSLog messages are correctly sent to the Kiwi SYSLog Server.

Read Me

To verify the remote SYSLog is configured properly on R1 you’ll need a SYSLog server configured on your host machine. For the purposes of the Free CCNA Workbook lab, Solarwinds Kiwi Server is used for configuration verification. The Kiwi SYSLog Server IP address is 192.168.255.10/24 and R1′s FastEthernet0/0 IP Address is 192.168.255.1/24

A screen shot below that Solarwinds Kiwi is properly receiving the SYSLog messages; Click image to enlarge in new web browser tab.

No comments have been left yet for this page.

Add Your Comment

Your Comment