Published 6月 11, 2018 by with 0 comment

CCNP-ISCW-v5.0 Lab 5-5: Configuring Logging



Lab5-5.net file for Dynamips:

##################################################
#
# CCNP Version 5.0: Implementing Secure Converged Wide-Area Networks
# Lab 5.5 Configuring Logging
# By Happy Peter  http://blog.xuite.net/juilin77/happy
#
##################################################

autostart=false
[localhost:7200]
 workingdir = /opt/dynamips/dynagen-0.10.1/UTS/CCNP2/Lab5-5/workingconfig

[[3725]]
# Specify 3725 IOS image on Linux here:
 image = /opt/dynamips/images/c3725-ad.bin
 ram = 256
 idlepc =0x60bf8d58
 mmap = true
 ghostios = true
 confreg = 0x2102

###########################
#
# Define router instances 1
#
###########################
 
[[Router R1]]
 model = 3725
 console = 2001
 f0/0 = NIO_linux_eth:eth0

Objectives
‧ Configure a router to log to a Syslog server
‧ Use Kiwi Syslog Daemon as a Syslog server
‧ Configure local buffering on a router


Scenario:
In this lab, you will configure a router to log system messages and notifications to a Syslog server. You will also view the logs on the Syslog server.


Basic Configuration:
enable
configure terminal
!
no ip domain lookup
!
line console 0
 logging synchronous
 exec-timeout 0 0
!
host R*


Step 1: Configure the interface
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.100.214 255.255.255.192
R1(config-if)#no shutdown

R1#ping 192.168.100.213

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.213, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/12 ms


Step 2: Install the Kiwi Syslog Daemon
Download and install the Kiwi Syslog Daemon form http://www.kiwisyslog.com.


Step 3: Run the Kiwi Syslog Service Manager


Step 4: Configure the Router for Logging
First, configure the IP address of a Syslog server with the logging host hostname command.
R1(config)#logging host 192.168.100.213

Set the Syslog severity level. Each severity level includes the severity levels with lower numbers. The default level is 6, informational logging.
R1(config)#logging trap informational

Generate some logging messages for your log server by configuring your device to log users entering and exiting privileged mode with the logging userinfo command.
R1(config)#logging userinfo
R1(config)#end
*Mar  1 00:15:56.099: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:15:57.099: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.100.213 port 514 started - CLI initiated

To verify logging settings.
R1#show logging


Step 5: Verify Logging


On the router, exit privileged EXEC mode, and then reenter it using the enable command.
R1#disable
*Mar  1 00:21:13.471: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 1 by unknown on console
R1>enable
*Mar  1 00:21:18.291: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 15 by unknown on console
R1#


Step 6: Configure Buffered Logging
You may consider buffering logs to a local memory buffer. Use the informational level and set the buffer size to 32 KB.
R1(config)#logging buffered 32768 informational
R1#show logging

R1#disable
*Mar  1 00:27:10.899: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 1 by unknown on console
R1>enable
*Mar  1 00:27:42.083: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 15 by unknown on console
R1#


Final Configurations
R1:
hostname R1
!
logging userinfo
logging buffered 32768 informational
!
no ip domain lookup
!
interface FastEthernet0/0
 ip address 192.168.100.214 255.255.255.192
 no shutdown
!
logging 192.168.100.213
!
line con 0
 exec-timeout 0 0
 logging synchronous
!
end


Reference:
Cisco Networking Academy
http://www.cisco.com/web/learning/netacad/index.html

CCNP Version 5.0: Implementing Secure Converged Wide-Area Networks
Student Lab Manual


最初發表 / 最後更新: 2008.10.05 / 2018.06.11

0 comments:

張貼留言