Capturing cisco 837 message to syslog server

Hi again,

Today, i added syslog server to capture my cisco 837 message. I require this after i enable firewall using SDM. Strangely , I can't visit few websites(www.cnn.com / mail.yahoo.com ) after enable it. From console, i can't read the message. it scroll to fast.

ok, first i disable all message logging to console and then i enable message to send to syslog server. My syslog server ip address is 10.1.201.2 .


Router(config)#no logging console
Router(config)#logging 10.1.201.2












i'm using Syslog Watcher personal edition which can be download from http://www.snmpsoft.com/downloads/SyslogWatcherPersonal.exe

I found out access-list 103 keep block packet from external. I don't think by removing the 103 is a good idea. Let me check on the ACL configuration tutorial for the answer.



-Update 21st Oct 2010-

Finally, i found out the reason why those few website inaccessible,
just disable ip inspect http.
I added it using SDM before. ;)

Cisco 837 with TMNET Streamyx

Hi there,

Even Cisco 837 is obsolete model, but it still good compared with other low end router such as Dlink or [TMNET provided router]. It have quite advance capability which not in most of low end router. It can be setup as VPN server + advance firewall. To much to talk about it..

I would like to share with everybody the cisco 837 configuration which work with Malaysia TMNET Streamyx line. This router took me few days to finally work(i bought it because want to try Cisco device).
below configuration are tested with IOS c837-k9o3sy6-mz.124-17b.bin, but it should be minor changes on the configuration if you're using different IOS.
anyway, i recommend everybody to read the cisco 837 documentation from cisco router. it will provide you with more details what and why..

this configuration is without firewall enable. you can google for it.

!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot system flash:c837-k9o3sy6-mz.124-17b.bin
boot-end-marker
!
logging buffered 51200 warnings
enable password mypassword
!
no aaa new-model
clock timezone PCTIME 10 37
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.1.201.1
!
ip dhcp pool MYLAN
network 10.1.201.0 255.255.255.0
dns-server 10.1.201.1
default-router 10.1.201.1
!
!
ip cef
!
!
crypto pki trustpoint TP-self-signed-3497823135
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3497823135
revocation-check none
rsakeypair TP-self-signed-3497823135
!
!
crypto pki certificate chain TP-self-signed-3497823135
certificate self-signed 01 nvram:IOS-Self-Sig#3535.cer
username ciscoadmin privilege 15 password 0 ciscoadmin
!
!
!
no crypto isakmp enable
!
!
!
interface Ethernet0
description $FW_INSIDE$
ip address 10.1.201.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
hold-queue 100 out
!
interface Ethernet2
no ip address
shutdown
hold-queue 100 out
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$
no snmp trap link-status
pvc 0/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet1
duplex auto
speed auto
!
interface FastEthernet2
duplex auto
speed auto
!
interface FastEthernet3
duplex auto
speed auto
!
interface FastEthernet4
duplex auto
speed auto
!
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username mystreamyx@streamyx password 0 mypassword
ppp ipcp dns request
ppp ipcp mask request
ppp ipcp address required
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 permit 10.1.201.0 0.0.0.255
!
!
!
control-plane
!
!
line con 0
no modem enable
transport output all
line aux 0
transport output all
line vty 0 4
privilege level 15
login local
transport input telnet ssh
transport output all
!
scheduler max-task-time 5000
end

Server Rack

This is what my server rack look like from behind.
I have no label on CAT5 and KVM cables. Took me few hours to rearrange the cables plus
system down time.

Welcome

Hi everybody,
I create this blog to share IT hardware pictures. I will share a servers, desktop or any imaginary IT hardware pictures. I welcome for any pictures contribution from you guys. But please make sure that you own the right of the pictures.

You can e-mail your contribution to my e-mail address at mohdzauti@gmail.com .