Lab5-5.net file for Dynamips:
##################################################
#
# CCNP Version 5.0: Implementing Secure Converged Wide-Area Networks
# Lab 5.5 Configuring Logging
# By Happy Peter http://blog.xuite.net/juilin77/happy
#
##################################################
autostart=false
[localhost:7200]
workingdir = /opt/dynamips/dynagen-0.10.1/UTS/CCNP2/Lab5-5/workingconfig
[[3725]]
# Specify 3725 IOS image on Linux here:
image = /opt/dynamips/images/c3725-ad.bin
ram = 256
idlepc =0x60bf8d58
mmap = true
ghostios = true
confreg = 0x2102
###########################
#
# Define router instances 1
#
###########################
[[Router R1]]
model = 3725
console = 2001
f0/0 = NIO_linux_eth:eth0
Objectives
‧ Configure a router to log to a Syslog server
‧ Use Kiwi Syslog Daemon as a Syslog server
‧ Configure local buffering on a router
Scenario:
In this lab, you will configure a router to log system messages and notifications to a Syslog server. You will also view the logs on the Syslog server.
Basic Configuration:
enable
configure terminal
!
no ip domain lookup
!
line console 0
logging synchronous
exec-timeout 0 0
!
host R*
Step 1: Configure the interface
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.100.214 255.255.255.192
R1(config-if)#no shutdown
R1#ping 192.168.100.213
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.213, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/12 ms
Step 2: Install the Kiwi Syslog Daemon
Download and install the Kiwi Syslog Daemon form http://www.kiwisyslog.com.
Step 3: Run the Kiwi Syslog Service Manager
Step 4: Configure the Router for Logging
First, configure the IP address of a Syslog server with the logging host hostname command.
R1(config)#logging host 192.168.100.213
Set the Syslog severity level. Each severity level includes the severity levels with lower numbers. The default level is 6, informational logging.
R1(config)#logging trap informational
Generate some logging messages for your log server by configuring your device to log users entering and exiting privileged mode with the logging userinfo command.
R1(config)#logging userinfo
R1(config)#end
*Mar 1 00:15:56.099: %SYS-5-CONFIG_I: Configured from console by console
*Mar 1 00:15:57.099: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.100.213 port 514 started - CLI initiated
To verify logging settings.
R1#show logging
Step 5: Verify Logging
On the router, exit privileged EXEC mode, and then reenter it using the enable command.
R1#disable
*Mar 1 00:21:13.471: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 1 by unknown on console
R1>enable
*Mar 1 00:21:18.291: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 15 by unknown on console
R1#
Step 6: Configure Buffered Logging
You may consider buffering logs to a local memory buffer. Use the informational level and set the buffer size to 32 KB.
R1(config)#logging buffered 32768 informational
R1#show logging
R1#disable
*Mar 1 00:27:10.899: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 1 by unknown on console
R1>enable
*Mar 1 00:27:42.083: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 15 by unknown on console
R1#
Final Configurations
R1:
hostname R1
!
logging userinfo
logging buffered 32768 informational
!
no ip domain lookup
!
interface FastEthernet0/0
ip address 192.168.100.214 255.255.255.192
no shutdown
!
logging 192.168.100.213
!
line con 0
exec-timeout 0 0
logging synchronous
!
end
Reference:
Cisco Networking Academy
http://www.cisco.com/web/learning/netacad/index.html
CCNP Version 5.0: Implementing Secure Converged Wide-Area Networks
Student Lab Manual
最初發表 / 最後更新: 2008.10.05 / 2018.06.11
0 comments:
張貼留言