Set up an external Syslog server in your FortiGate Instant AP to forward Syslogs to Cloudi-Fi
Prerequisites
Before starting, ensure that you have the following prerequisites:
- Access to the FortiGate.
- Cloudi-Fi captive portal configuration in FortiOS completed
1. Enable rules for all sessions
- Go to Policy & Objects
- Select Firewall Policy
For each Policy enabled for the Cloudi-Fi captive portal, ensure the Log Allowed Traffic option is on for All Sessions.
2. Add the IP address of the Cloudi-Fi Syslog server
- Go to Log & Report
- Select Log settings
Under the Local traffic logging section
-
Enable Syslog logging
-
IP Address/FQDN: RADIUS & SYSLOG servers
3. Add user activity events
- Go to Log & Report
- Select Log settings
- Under the Log Settings section
-
Select or Add User activity event
4. Syslog over TLS
To send your logs over TLS, see below the corresponding CLI commands :
config log syslogd setting
# Activate syslog over TLS (reliable mode)
set mode reliable
set certificate "xxxxxxxxx"
set port 6516
end
# Enter "yes" to validate the port 6516
Please ask to Cloudi-Fi support the necessary certificate.
Troubleshooting
If you have any questions, don’t hesitate to get in touch with us : How to contact your support?
What’s next?
Please refer to this page for additional details regarding Forti and Cloudi-Fi configurations.