Unable to get new remote logging working with Graylog

[guest22698]

Hi! I have been using old remote logging with Graylog for a while, and it was working very well. And, since 19.7 new remote logging was introduced, I decided to give it a try. But I can't get it to start working at all.

I have Graylog server installed on Azure virtual machine. Between Azure and my OPNsense router I have created site to site tunnel. I followed this tutorial - https://docs.opnsense.org/manual/how-tos/ipsec-s2s.html
My OPNsense subnet - 10.27.7.0/24
Azure subnet - 10.12.14.0/24

This is how I have configured new remote logging destination, I have tried both TCP(4) and UDP(4) -


And this is how I was configured old remote logging destination -


I have removed old remote logging configuration already, so only new remote logging destination configuration is actual now. But problem is that I can't see any incoming traffic on Graylog server, no any active connections, no incoming logs. When I had old remote logging enabled, everything was working well, I haven't changed any firewall or IPsec tunnel settings since then.

Can someone help? Maybe I have to add additional firewall rule? If you need to see more information about my configuration, just ask. Thanks!  :)

[guest22698]

No one? :-\

I looked into System > Logs > General and found this -

[lfirewall1243]

On my Graylog server the timestamps were different, try to look for logs of all Time.

Whe i changed the time window, i saw fresh incoming logs