Page 1 of 1
Private IP NAT log issue
Posted: Sat Jan 05, 2019 1:50 pm
by Ragupathi
Hi Everyone
I have configure my syslog server on Ubuntu from RB2011 UiAS. Here Static IP logs are stored properly, But Private IP logs are not working properly ( can`t see private IP`s source and destination paths).
Can you please tell me the configs.
Thanks in advance.
Re: Private IP NAT log issue
Posted: Sat Jan 05, 2019 2:28 pm
by sebastia
Hello
I don't understand your issue. The syslog will "mirror" log messages as they are logged on the router.
Re: Private IP NAT log issue
Posted: Sat Jan 05, 2019 2:39 pm
by Ragupathi
Hello
I don't understand your issue. The syslog will "mirror" log messages as they are logged on the router.
I cant store my Private IP`s Logs ( like source and destination of IP travelling ) to the syslog server.
How can i do this
Re: Private IP NAT log issue
Posted: Sat Jan 05, 2019 3:02 pm
by sebastia
And can you see these in log of Mikrotik router?
Re: Private IP NAT log issue
Posted: Sat Jan 05, 2019 4:05 pm
by Ragupathi
And can you see these in log of Mikrotik router?
No Currently i forward all logs to syslog server. My question is i can`t seen my private IP`s source and destination paths not log storage.
Thanks
Re: Private IP NAT log issue
Posted: Sat Jan 05, 2019 5:24 pm
by mkx
What kind of log entry are you missing in particular?
Either that kind of logging is not enabled by default or is not possible to log at all (due to numerous reasons).
Without you being very specific when describing the issue here we can not help (mind readers are on the other forum).
Re: Private IP NAT log issue
Posted: Mon Jan 07, 2019 11:34 am
by Ragupathi
What kind of log entry are you missing in particular?
Either that kind of logging is not enabled by default or is not possible to log at all (due to numerous reasons).
Without you being very specific when describing the issue here we can not help (mind readers are on the other forum).
Thanks for your reply.
I want to get log from customer browsing websites and its path of IP travelling.
Here i have use srcnat for my Private IP`s,
When i want to trace my Private IP`s logs, It shows me 0.0.0.0 as source IP and 255.255.255.255 as destination IP. How can i rectify this?
Please help me from this issue.
Re: Private IP NAT log issue
Posted: Mon Jan 07, 2019 12:06 pm
by mkx
Something like
/ip firewall filter
add chain=forward action=log in-interface-list=LAN out-interface-list=WAN connection-state=new,untracked
and you should push it near the start of filter list - exact place really depends on other
chain=forward rules ... definitely above rule that might look like this one:
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
The rule will only show connections from inside your LAN towards internet. Depending on topology of your LAN(s) rule to log browsing between LAN(s) hosts would look alike ... some connections won't show as they don't pass router at all (i.e. if server is in the same subnet as client).