How to set up an external Syslog server configuration in FortiOS Fortigate – Cloudi-Fi Knowledge Base

Set up an external Syslog server in your FortiGate Instant AP to forward Syslogs to Cloudi-Fi

Prerequisites

Before starting, ensure that you have the following prerequisites:

Access to the FortiGate.
Cloudi-Fi captive portal configuration in FortiOS completed

1. Enable rules for all sessions

Go to Policy & Objects
Select Firewall Policy

For each Policy enabled for the Cloudi-Fi captive portal, ensure the Log Allowed Traffic option is on for All Sessions.

2. Add the IP address of the Cloudi-Fi Syslog server

Go to Log & Report
Select Log settings

Under the Local traffic logging section

Enable Syslog logging
IP Address/FQDN: RADIUS & SYSLOG servers

3. Add user activity events

Go to Log & Report
Select Log settings
- Under the Log Settings section

Select or Add User activity event

External Syslog server configuration in FortiOS Fortigate_ Add User activity events.png

4. Syslog over TLS

To send your logs over TLS, see below the corresponding CLI commands :

config log syslogd setting
# Activate syslog over TLS (reliable mode)
set mode reliable
set certificate "xxxxxxxxx"
set port 6516
end

# Enter "yes" to validate the port 6516

Please ask to Cloudi-Fi support the necessary certificate if you don't already have it.

Please add your firewall hostname as "Vendor ID" identifier under Locations > Network Parameters :

This is necessary to match the logs we receive with your Cloudi-Fi tenant & location.

Troubleshooting

If you have any questions, don’t hesitate to get in touch with us : How to contact your support?

What’s next?

Please refer to this page for additional details regarding Forti and Cloudi-Fi configurations.

For more information on Cloudi-Fi's solution partnership with Fortinet, visit our Fortinet partner page.

Search

Cloudi-Fi Knowledge Base