Remote Device Activity Capture
NAC 800 to Infoblox Connector
12-22
d. In the ### LOG ENTRIES HERE ### area, add the following line:
log { source(rdac); filter(f_mesg);
destination(d_dac); };
e.
Save and exit the file.
f.
Enter the following at the command line to restart the service:
service syslog-ng restart
7.
Add the iptables firewall rule to allow this syslog traffic:
a.
Stop iptables by entering the following at the command line:
service nac-es stop
fw_control stop
b. Open the following file with a text editor such as vi:
/etc/sysconfig/iptables
c.
Add the following line before the # REJECT lines in the RH-Lokkit-
0-50-INPUT section, and after the RELATED,ESTABLISHED line:
d. -A RH-Lokkit-0-50-INPUT -s <INFOBLOX_IP> -p tcp -m
tcp --dport 514 -m state --state NEW -j ACCEPT
Where:
<INFOBLOX_IP> is the IP address of the Infoblox server.
e.
Restart iptables by entering the following at the command line:
fw_control start
service nac-es start