How Can I Trick A Network Device

[DumbFalang]

I am testing a device that has a "local" logging facility. I think the manufacturer enforces this by asking for a Gateway in the device settings. I want the device to send logging data to an external IP address.

Is there a way to setup a router to forward packets received on an internal address, out to an external IP address ?

[niveknedwob]

Can you say what 'kind' of device this is. Make/Model Number will suffice.

[DumbFalang]

Can you say what 'kind' of device this is. Make/Model Number will suffice.

You will not have heard of it. It shouldn't really matter as it behaves the same as any reglular network device that outputs syslog messages.

[NUMBNUTTS]

You would have to reflash the firmware

[Crushdepth]

When you say it logs 'locally' do you mean internally, or will it let you log to another machine within your LAN?

[Prasert]

Look deeper into the syslog service. "Local" is a logging level within syslog, which can be used to process received syslog messages in different groups. The syslog description of your device should tell more about this - in that case, local has nothing to do with an IP address.

The send syslog messages to a syslog daemon, check the command reference. It will probably be a command like logging <ip address> [syslog level]

[DumbFalang]

When you say it logs 'locally' do you mean internally, or will it let you log to another machine within your LAN?

It will log to any machine in the local LAN. There is an overview of the settings here www.rpra.co.uk/t-link.htm

The reason I believe it will only log within the local LAN is because of the instruction "The IP address of the gateway must also be a valid IP address for the local subnet."

Of course - I may be wrong

[stumonster]

you only need a gateway if the packets are to be routed to an external interface - the gateway address if for the packets to go to a device with a routing table that has knowledge of a route outside your local network.

if you are just sending within the same subnet you don't need a gateway address.

I would have thought that if you provide an IP address outside the network and a gateway is set it would go the the gateway ( router ) which would determine that the packets need to be sent via the external interface.

you seem to want to have the log of events recorded at a remote computer over the internet . I would just set up a VPN server on your local network and then have the remote computer run a VPN client which will allow it to connect to the server and have a local network address . to the devices on the local network it would seem to them that the remote computer was on the local network.

VPN tunnels are the most secure way to link remote computers / networks - and with a little bit of skill can be created cheaply

[niveknedwob]

Your gateway WILL be a valid address on your LAN - but it (the gateway device) then needs to know where to send the log data from this device.

Given the nature and purpose of this device, and assuming that you would like to have all info recorded in a single, central location I would suggest that there would be a certain additional investment required for each site deploying them, in terms of local comms h/w.

Why not log data locally at each site and set up a scheduled email task or something locally to send the data to the central monitoring site via 'more normal' channels ? You could then (automatically) monitor the incoming emails at the central location for 'significant events' and raise the necessary alerts that way.

Of course this all depends on required service response times ... but the time difference between direct comms of the log data and receipt via email (or another method) need not be too great depending on the 'carrier'.