Syslog to IPv6 Server

Forum|Forum|4 years ago
December 7, 2021
1 reply
1933 views

I'm trying to send syslog messages from a fortigate (v6.2.3) to a local syslog server using ipv6. I have ipv6 connectivity confirmed between the fortigate and the syslog server on the same network segment. When I assign the syslog server's ipv6 address in the "Send logs to syslog" setting on the fortigate, the syslog messages do not reach the syslog server (confirmed via wireshark). If I switch that ipv6 address to the ipv4 address of the syslog server the message begin showing up at the syslog server.

I am wondering if I can only achieve this by first sending the syslog log messages to a Fortianalyzer rather than directly from the fortigate? I thought the Fortigate was supposed to be able to handle this, maybe I'm missing something?

FortiGate

AlexC-FTNT

Staff

I think the main question is whether you have ipv6 connectivity from FortiGate to FAZ. Can you ping the FAZ, do you have correct routing? In a packet cpature, does the packet leave the FG on the correct interface to FAZ? Is the FAZ configured with IPv6 and routing for IPv6?

This may help on the FAZ side:

https://docs2.fortinet.com/document/fortianalyzer/6.0.5/administration-guide/575701/configuring-network-interfaces

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded