The solution for the System Log data of ER7206/ER605 not passing through the IPsec VPN tunnel to syslog server

Troubleshooting
Updated 01-11-2022 02:44:36 AM 4992
Acest ghid este valabil pentru: 

When the ER7206/ER605 establishes an IPSec VPN tunnel with other routers because the system log will select the route as its source IP when sending, the WAN port IP is selected on the ER7206/ER605, and the IPSEC tunnel has the source IP and destination IP. Strict restrictions, so it cannot hit the tunnel incoming to the opposite subnet. In this case, an additional VPN tunnel needs to be configured. The specific configuration process is as follows:

  1. Network Topology

For how to configure LAN-to-LAN IPsec VPN, please refer to FAQ2163.

Note: This article is only for ER7206/ER605 (Omada Gateway), ER6120 does not have this problem.

 

  1. Configuration Example of ER7206
  1. Configure the local subnet as 192.168.0.1/24 to the policy of the opposite subnet 192.168.1.1/24 (IPSec connection);
  2. Configure the local subnet as 10.10.10.10/32 (WAN port IP) to the policy of the opposite subnet 192.168.1.1/24. (new strategy for syslog server)

 

  1. Configuration Example of ER6120 (or other VPN Router)
  1. Configure the local subnet as 192.168.1.1/24 to the policy of the opposite subnet 192.168.0.1/24 (IPSec connection);
  2. Configure the policy that the local subnet is 192.168.1.1/24 to the remote WAN port IP 10.10.10.10/32. (new strategy for Syslog server)

At this point, the System Log of the ER7206 can be sent to the opposite subnet through the VPN tunnel.

A fost util acest FAQ?

Părerea ta ne ajută să îmbunătățim acest site.

Recommend Products

Abonează-teTP-Link vă protejează intimitatea. Pentru mai multe detalii privind practicile de confidențialitate ale TP-Link, consultați Politica de confidențialitate TP-Link .

From United States?

Get products, events and services for your region.