To get the firewall logs on the Adapter, you need to check whether you are getting logs on the Adapter and need to check the configuration on the firewalls.
You may follow the given below steps and their outputs:
Step 1: Check configuration at the FortiGate-Fortinet firewall
Check syslogd settings
set status enable ##enable logging to a remote syslog server
set server <IP Address> ##the IP Address of the DNIF Adapter
set port 514 ##Server listen port
set facility local0 ##identifies the source of the log message to syslog
set source-ip <src_ip> ##Source IP address of syslog
config log syslogd filter
set traffic enable
set web enable
set url-filter enable
Here, you can check the ip address and port number, enabled traffic, and any other rules set.
Step 2: Check the configuration at the Meraki Firewall
To configure Cisco Meraki to send log data to DNIF follow the below steps:
- Go to Meraki dashboard
- Select a device
- Select Alerts & Administration
- Scroll down to the Logging section
- Click Add a syslog server
- Type the IP address #IP Address of the DNIF Adapter
- Type port number #Server listen port
- Choose which types of events to export:
a. Event Log: The messages from the dashboard under Monitor > Event Log.
b. Flows: Inbound and outbound traffic flow-generated syslog messages that
include the source, destination, and port numbers.
c. URL— HTTP GET requests generating syslog entries.
Here, you can check the ip address and port number, enabled traffic, and any other rule set. You can go through the documentation link below.
Reference Link: Syslog Server Overview and Configuration - Cisco Meraki
Step 3: Check incoming logs on Adapter
tcpdump -nnnAvi [AD-Private-IP-interface] host [Fortigate-source-IP] and port 514
tcpdump -nnnAvi [AD-Private-IP-interface] host [Merai-source-IP] and port 514
Also, please provide screenshots of step 3, so that we can help you out more.
Step 4: On Adapter
Check whether port is open and reachable (check network settings)
Above steps should help you solve the issue. If not, allow us to help you out by providing relevant screenshots as currently these are the basic checks which are required before going to next troubleshoot steps.
If provided information was helpful and Got a success in any of the steps above. Do let us know.
Thanks & Regards