on my campus we have one Enterasys S8 and two Enterasys S3.
We configured syslog logging in all of them, but we can't receive any syslog from the devices.
Below an excerpt of the logging configuration part:
<< S3(su)->sh config logging This command shows non-default configurations only. Use 'show config all' to show both default and non-default configurations.
begin ! # ***** NON-DEFAULT CONFIGURATION ***** ! ! # Chassis Firmware Revision: 08.32.02.0009 ! # logging set logging default facility local7 severity 7 set logging server 1 ip-addr X.X.X.X descr logtlc state enable set logging local console enable file enable sfile enable set logging hostname sysName ! end >>
We already tried to tcpdump on the syslog linux server, but we cannot receive any log from the devices.
But we receive syslogs from any other device we have on the campus (Juniper EX, Cisco, HP Procurve and so on).
We already checked iptables/tcpwrapper on the linux syslog server and if there is an ACL somewhere blocking the traffic, but didn't found anything blocking syslog traffic from coming.
In the logging buffer I can see: <189>Jun 15 10:42:15 0.0.0.0 SystemReconnect attempted for logging server 1 (220.127.116.11) But I don't see nothing coming to the linux syslog during these attempts of reconnection.