Problem between F5 CGNAT and Graylog Server

Question

Dear F5 Community,&nbsp;I have F5 model Model: BIG-IP i7600 with version: Version: 14.1.0.3 Build 0.0.6 running as CGNAT.And I installed Graylog server version: 3.0 free edition to receive the LSN CGNAT logs.I followed document below to send the CGNAT logs from F5 CGNAT to the Graylog server as HSL, but Graylog can not receive the CGNAT logs from F5.https://techdocs.f5.com/en-us/bigip-14-0-0/big-ip-cgnat-implementations-14-0-0/using-cgnat-logging-and-subscriber-traceability.html&nbsp;Everyone used to have such experience? and how to solve the issue?&nbsp;Please kindly advise.Thank you.&nbsp;

nag · Answer

Hi,&nbsp;I didnt come across such a problem.&nbsp;However,  best way to troubleshoot to find the root cause is to take packet captures::&nbsp;Here is the command you could use to get packet captures F5:&nbsp;tcpdump -vvni 0.0:nnnp -s0 host &lt;IP_Address_of_Graylog&gt; and port &lt;PORT_of_Graylog&gt; -w /var/log/file_name.pcap&nbsp;Hope this helps,Nag

paulonl · Answer

Hi Nag,&nbsp;Thank for your information.Yes, i used to use the command: tcpdump&nbsp;I can see message sending to Graylog server, but at the server Graylog does not receive the logs.May you please have any more advice?&nbsp;Thank with regards,PaulONL&nbsp;

Forum Discussion

Problem between F5 CGNAT and Graylog Server

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Source_Addr Persistence Problems

Problem about Export imformation to Excel

C3D first request problem

Troubleshooting TLS Problems With ssldump

Monitor problem

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS