Answers: Syslog 3

By certskills July 2, 2016 09:10

Logging happens to be one of those configuration topics that is easy to overlook. In real life, you would probably figure out the site standard, and then configure most routers and switches the exact same way. As a result, you might forget all the little configuration details. If you’re preparing for CCENT or CCNA R&S, go back and try this latest lab first, and then check your answers here.


Figure 1: Two Router Topology


Example 1: R1 Config (Global Commands)


Example 2: R2 Config (Global Commands)



For this lab we are focused on configuring device logging and syslog. Note that the requirements for this lab are not in line with what would be configured on a production network and have been set up as a way to configure a number of different logging and syslog commands within a single lab on only two devices.

Examples 1 and 2 show the configuration on routers R1 and R2, respectively. The examples note which requirements are met by which commands. Rather than repeat all those commands, the following list details a few points that are not obvious from looking at the commands:

  • R1 requirement 1: on R1, the no logging monitor global command means that no remote terminal user (that is, Telnet or SSH user) can see log messages on their terminal session after using the terminal monitor command.
  • Severity levels: The lab references severity level 4 (warning), 5 (notification), and 6 (informational). Many of the logging commands can take the number or name for a severity level in the same position in the command. For instance, on R2, logging monitor notifications could have instead been configured as logging monitor 6.
Answers: GRE Tunnel 2
L3 EtherChannel 1
By certskills July 2, 2016 09:10
Write a comment


  1. adrikayak September 26, 07:51

    Hello Wendell,

    Aren’t all the “logging” commands but “logging console” disabled by default?

    Reply to this comment
    • CCENTSkills October 4, 16:09

      Actually, I don’t think so. I booted a router with no startup-config to check, here’s what I see in show log:

      Router#show log
      Syslog logging: enabled (0 messages dropped, 3 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)

      No Active Message Discriminator.

      No Inactive Message Discriminator.

      Console logging: level debugging, 34 messages logged, xml disabled,
      filtering disabled
      Monitor logging: level debugging, 0 messages logged, xml disabled,
      filtering disabled
      Buffer logging: level debugging, 34 messages logged, xml disabled,
      filtering disabled
      Exception Logging: size (4096 bytes)
      Count and timestamp logging messages: disabled
      Persistent logging: disabled

      No active filter modules.

      Trap logging: level informational, 37 message lines logged
      Logging Source-Interface: VRF Name:

      So, looks like logging monitor and logging buffered are also on.

      Reply to this comment
  2. JCW December 28, 05:39

    I’ve been going through Chapter 33, and I noticed that Early in the chapter you say “logging” is the command to enable logging on the server with that IP address. Later on in a table for all the commands, the command is listed as: “logging host”.
    Google seems to agree with the 2nd version.

    Is the first one have bad syntax, or is the command valid?

    Reply to this comment
    • certskills Author December 18, 08:30

      Missed your comment, but for anyone who comes here later… both are valid (with and without the host keyword).

      Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email


Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.