Wireless Access

• This is not possible as the UDP to TCP translation will not be functional. TCP is connection oriented and UDP is connectionless.
• The dst-nat port for syslog udp port will not work as because the traffic is originating from controller (which in our case UDP 514 was) so it will not trigger DNAT ACL, because the syslog traffic is being generated in the controller that is why we can't DNAT it.
• Starting from 8.6.0.0, there is a feature introduced to send syslog messages to a custom UDP port only. For eg: syslog messages sent to 515 instead of 514.

You can raise your Request as an RFE at https://innovate.arubanetworks.com/

How is custom UDP port done?  Or is there a link with instructions? 

• This is not possible as the UDP to TCP translation will not be functional. TCP is connection oriented and UDP is connectionless.
• The dst-nat port for syslog udp port will not work as because the traffic is originating from controller (which in our case UDP 514 was) so it will not trigger DNAT ACL, because the syslog traffic is being generated in the controller that is why we can't DNAT it.
• Starting from 8.6.0.0, there is a feature introduced to send syslog messages to a custom UDP port only. For eg: syslog messages sent to 515 instead of 514.

You can raise your Request as an RFE at https://innovate.arubanetworks.com/

generally to increase the security for syslog, I use syslog over TLS

here is the reference

How is custom UDP port done?  Or is there a link with instructions? 

• This is not possible as the UDP to TCP translation will not be functional. TCP is connection oriented and UDP is connectionless.
• The dst-nat port for syslog udp port will not work as because the traffic is originating from controller (which in our case UDP 514 was) so it will not trigger DNAT ACL, because the syslog traffic is being generated in the controller that is why we can't DNAT it.
• Starting from 8.6.0.0, there is a feature introduced to send syslog messages to a custom UDP port only. For eg: syslog messages sent to 515 instead of 514.

You can raise your Request as an RFE at https://innovate.arubanetworks.com/

Thank you ariyap.  TLS security point acknowledged, but not there yet.  

From the reference, it says Enter the IP address and port number IP address and the Port fields.  There is no port field.  Is sysntax to use a colon?  x.x.x.x:y  Running version 8.9.0.3.  

generally to increase the security for syslog, I use syslog over TLS

here is the reference

How is custom UDP port done?  Or is there a link with instructions? 

• This is not possible as the UDP to TCP translation will not be functional. TCP is connection oriented and UDP is connectionless.
• The dst-nat port for syslog udp port will not work as because the traffic is originating from controller (which in our case UDP 514 was) so it will not trigger DNAT ACL, because the syslog traffic is being generated in the controller that is why we can't DNAT it.
• Starting from 8.6.0.0, there is a feature introduced to send syslog messages to a custom UDP port only. For eg: syslog messages sent to 515 instead of 514.

You can raise your Request as an RFE at https://innovate.arubanetworks.com/

I am using 8.10.x LSR firmware

------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.

Original Message:
Sent: Feb 16, 2024 06:08 PM
From: DWake
Subject: Can I change the destination port number for logging going to a syslog server?

Thank you ariyap.  TLS security point acknowledged, but not there yet.  

From the reference, it says Enter the IP address and port number IP address and the Port fields.  There is no port field.  Is sysntax to use a colon?  x.x.x.x:y  Running version 8.9.0.3.  

Original Message:
Sent: Feb 16, 2024 05:11 PM
From: ariyap
Subject: Can I change the destination port number for logging going to a syslog server?

generally to increase the security for syslog, I use syslog over TLS

here is the reference

------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.

Original Message:
Sent: Feb 15, 2024 11:54 AM
From: DWake
Subject: Can I change the destination port number for logging going to a syslog server?

How is custom UDP port done?  Or is there a link with instructions? 

Original Message:
Sent: Sep 26, 2020 02:03 AM
From: MSK
Subject: Can I change the destination port number for logging going to a syslog server?

• This is not possible as the UDP to TCP translation will not be functional. TCP is connection oriented and UDP is connectionless.
• The dst-nat port for syslog udp port will not work as because the traffic is originating from controller (which in our case UDP 514 was) so it will not trigger DNAT ACL, because the syslog traffic is being generated in the controller that is why we can't DNAT it.
• Starting from 8.6.0.0, there is a feature introduced to send syslog messages to a custom UDP port only. For eg: syslog messages sent to 515 instead of 514.

You can raise your Request as an RFE at https://innovate.arubanetworks.com/