Got FortiGate 200D with:
config log syslogd setting
set status enable
set server "192.0.2.1"
set port 30000
end
Prior to adding the "set port 30000" it was working fine to standard port 514. After adding, and confirming with tcpdump, it doesn't seem to be sending anything.
Thanks
Diag debug flow would be my first start, but before you do that, did you stop and restart the services? Are you running in VDOMs? Did you check the Master and Slave units?
e.g.
config log syslogd setting
unset server
set status disable
end
wait a few seconds;
config log syslogd setting
set server "192.0.2.1"
set status enable
end
PCNSE
NSE
StrongSwan
Hello, yep, did try removing and re-adding the config, but no change. These are an HA pair that are currently in sync. I do also have VDOMs but am not overriding at the VDOM level, so this is being done under 'config global'.
Via tcpdump, I noticed that if I 'set reliable enable' (which changes the port) and then change the port back to 30000, it begins attempting to log via TCP, but if I leave the port at 30000 without reliable set, it seems to not attempt to log anything.
Ah please ignore, I was able to figure it out. The rule to let the port 30k syslog UDP in was set wrong to TCP, so I've got it working now with the first example I posted.
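Added example, not part of the thread: a collector-side probe that listens on the same port over both UDP and TCP and reports which transport each syslog message actually arrives on, which makes a UDP/TCP mismatch like the one above visible. The function names are hypothetical; the port default comes from the thread, and the tolerance for an RFC 6587 octet-count prefix on TCP is an assumption about the sender.

```python
import re
import selectors
import socket
import time

PRI = re.compile(rb"^(?:\d+ )?<(\d{1,3})>")  # optional octet count, then <PRI>

def parse_pri(data):  # hypothetical helper: (facility, severity) or None
    m = PRI.match(data)
    if not m or int(m.group(1)) > 191:
        return None
    return divmod(int(m.group(1)), 8)

def open_listeners(host="0.0.0.0", port=30000):
    """Bind the same port number for UDP and TCP; port 0 picks a free one."""
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp.bind((host, port))
    tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tcp.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    tcp.bind((host, udp.getsockname()[1]))
    tcp.listen()
    return udp, tcp

def collect(udp, tcp, seconds=10.0):
    """Return [(transport, source_ip, pri)] for data seen within `seconds`."""
    sel = selectors.DefaultSelector()
    sel.register(udp, selectors.EVENT_READ, "udp")
    sel.register(tcp, selectors.EVENT_READ, "accept")
    seen, deadline = [], time.monotonic() + seconds
    while (left := deadline - time.monotonic()) > 0:
        for key, _ in sel.select(left):
            if key.data == "udp":
                data, addr = udp.recvfrom(65535)
                seen.append(("udp", addr[0], parse_pri(data)))
            elif key.data == "accept":
                conn, addr = tcp.accept()
                sel.register(conn, selectors.EVENT_READ, addr[0])
            else:  # established TCP connection; key.data is the peer IP
                data = key.fileobj.recv(65535)
                if data:
                    seen.append(("tcp", key.data, parse_pri(data)))
                else:
                    sel.unregister(key.fileobj)
                    key.fileobj.close()
    sel.close()
    return seen

if __name__ == "__main__":
    print(*collect(*open_listeners()), sep="\n")
```

If nothing is listed for the firewall's address while tcpdump on the collector also stays silent, the traffic is being dropped before the host, so compare the protocol in the permitting rule with the transport the device is configured to use.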