Hi, FAC masters,
As the title, since the customer's Radius server sent syslog from different source IP addresses. So I have to set several IP as source as well, In case not miss any, can i just set it as 0.0.0.0 ?I found it could save, but not sure it works alright.
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @ykenny
Did you see this article, I hope you would have.
It says,
"Each syslog source must be defined for the syslog daemon to accept traffic. Each source must also be configured with a matching rule (either pre-defined or custom built; see below), and syslog service must be enabled on the network interface(s) that will listen to remote syslog traffic."
So I think we need to define them individually is what I think. But still we can see if anyone had an idea.
Best Regards,
Hi @ykenny
simply NO. According to lab test I did it is not working when I use rule on client defined as 0.0.0.0.
Regardless it is accepted and saved to config. Probably simply because it is valid IP from range.
What I believe is that we do simple exact IP match between allowed sources and actual senders.
As your packet is not truly coming into FAC with src IP as 0.0.0.0, then it does not match and it is silently discarded. Not even logged .. which I would like to see.
Therefore if you need something like we have in RADIUS Service, where clients can be defined as range to netmask, so 10.0.0.0/24 for example would be valid source. Then this needs to pass through NFR. It would be nice enhancement, and we might have a code already (like that RADIUS), so no labor intensive, and should you have customer asking for it (in need), it might push and make that NFR happen. Go for it.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.