The solution for the System Log data of ER7206/ER605 not passing through the IPsec VPN tunnel to syslog server

Troubleshooting
更新01-11-2022 02:44:36 AM 43629
這篇文章適用於: 

When the ER7206/ER605 establishes an IPSec VPN tunnel with other routers because the system log will select the route as its source IP when sending, the WAN port IP is selected on the ER7206/ER605, and the IPSEC tunnel has the source IP and destination IP. Strict restrictions, so it cannot hit the tunnel incoming to the opposite subnet. In this case, an additional VPN tunnel needs to be configured. The specific configuration process is as follows:

  1. Network Topology

For how to configure LAN-to-LAN IPsec VPN, please refer to FAQ2163.

Note: This article is only for ER7206/ER605 (Omada Gateway), ER6120 does not have this problem.

 

  1. Configuration Example of ER7206
  1. Configure the local subnet as 192.168.0.1/24 to the policy of the opposite subnet 192.168.1.1/24 (IPSec connection);
  2. Configure the local subnet as 10.10.10.10/32 (WAN port IP) to the policy of the opposite subnet 192.168.1.1/24. (new strategy for syslog server)

 

  1. Configuration Example of ER6120 (or other VPN Router)
  1. Configure the local subnet as 192.168.1.1/24 to the policy of the opposite subnet 192.168.0.1/24 (IPSec connection);
  2. Configure the policy that the local subnet is 192.168.1.1/24 to the remote WAN port IP 10.10.10.10/32. (new strategy for Syslog server)

At this point, the System Log of the ER7206 can be sent to the opposite subnet through the VPN tunnel.

這篇faq是否有用?

您的反饋將幫助我們改善網站

Recommend Products

來自 United States?

取得您的地區產品、活動和服務。