Network consists of a Primary and secondary manager and two enforcement points. The primary manager and enforcement are the same server, the secondary manager and second enforcement module are separate servers. THe secondary devices are new and properly route and filter traffic but I can not find any logs for secondary enforcement point.
I would prefer these logs to be located on my primary manager but I will take any configurtion where I can find them at this point. Can any one give me the logging settings necessary for the second enforcement point to log to the primary manager?
I was hoping for the details on the proper settings for my scenario. All settings that I have attempted have not resulted in logs being created for the secondary server.
Don't know if this has been resolved or not, have you tried doing a tcpdump on the remote module for port 257 traffic? This could be an indication as to what is happening. Other thing I have seen is that if you have a mgmt station that is 'natted' you need to put the NAT address in the topology page of the mgmt station. Then in the address translation tab of the remote module you need to do a nat so that the module translates the mgmts actual ip to the natted ip when it's sending it's logs.
