11.10. Release 6.6

New Features

  • Added configurable protocol display format for syslog. The protocol can be shown as numeric (default), uppercase (TCP/UDP/ICMP/ICMPV6/GRE/ESP), or lowercase (tcp/udp/icmp/icmpv6/gre/esp)

  • Added a configurable timezone option for syslog timestamp formatting

  • Added fully customizable template-based formatting for NAT logs. All log types can now be formatted using user-defined templates, including IPv4 and IPv6 (where applicable):

    NAT Session logs

    $event, $dir, $direction, $vrf, $proto, $ip_int, $ip_ext, $ip_dst, $tp_int, $tp_ext, $tp_dst

    NAT Port block logs

    $event, $vrf, $ip_int, $ip_ext, $tp_ext_first, $tp_ext_last, $port_range

    NAT Address map logs

    $event, $vrf, $ip_int, $ip_ext

    NAT Port map logs

    $event, $vrf, $proto, $ip_int, $ip_ext, $tp_int, $tp_ext

    Common variables

    $syslog_ts, $hostname

    Protocol variables

    $proto (numeric), $proto_upper (TCP/UDP/ICMP/ICMPV6/GRE/ESP), $proto_lower (tcp/udp/icmp/icmpv6/gre/esp). To change the protocol format in the default configuration, use: [no] nat log server 0 type syslog format proto ![(upper|lower|numeric)]

    Zero-padded variables

    $ip_int_pad, $ip_ext_pad, $ip_dst_pad (085.198.104.034), $tp_int_pad, $tp_ext_pad, $tp_dst_pad, $tp_ext_first_pad, $tp_ext_last_pad (00443), $port_range_pad (02176-02302)

    Templates support literal text and escaping ($$ for a literal $)

  • Added an optional short syslog header mode (PRI-only) for integration with legacy collectors or bandwidth-sensitive environments

  • Added support for $radius[N] variables in template-based log formatting. This allows referencing RADIUS accounting attributes directly in log templates (e.g., $radius[0], $radius[1]). Requires RADIUS accounting to be enabled before using these variables

Changes

  • Improved behavior of the no nat log server command. The command now completely removes the specified log server and all associated settings. To clear only the IP/port configuration while keeping other settings, use the extended form of the command: no nat log server <id> type <type> ip

  • Removed legacy field-based syslog format configuration. The commands nat log server <id> type syslog format field .. and nat log server <id> type syslog format enable are no longer available. Use template-based formatting instead, for example: nat log server <id> type syslog format template session <format_string>

    Warning

    Existing startup-config using “format field” will fail to load after upgrade. Update startup-config before rebooting

Bug Fixes

  • Fixed handling of the | character in commands with variable-length arguments. The pipe symbol is no longer treated as a CLI filter when used inside vararg parameters and can now be passed as part of the command input

  • Fixed an issue where entering an overly long command could terminate the active SSH session. The command is now rejected gracefully without closing the connection

  • Fixed an issue where IPFIX and NetFlow configuration could be applied incorrectly due to an internal ID mismatch

  • Fixed duplicate log messages that could occur for NAT64 sessions when using log profiles

  • Fixed NetFlow/IPFIX log mixing and malformed packets