Hi. I'm so close to having a working loghost, with stunnel encrypted connections. Not close enough however. I have syslog-ng setup to log to 127.0.0.1:5515 on all clients. The client config: [syslogngs] accept = 127.0.0.1:5515 connect = 192.168.1.7:5514 On the loghost, stunnel listens on *.5514 and forwards to connection to 127.0.0.1:5515 (which syslog-ng is listening on). (server config): [syslogngs] accept = 192.168.1.7:5514 connect = 127.0.0.1:5515 I'm making an assumption that the certificates are working, as I'm using (or attempting to use) both client and server authentication. Watching the stream with a packet sniffer shows absolutely no connections between the client and the loghost. Strings such as this appear in the stunnel.log repeatedly: 2004.08.16 20:42:26 LOG7[7690:1006693376]: syslogngs started 2004.08.16 20:42:26 LOG5[7690:1006693376]: syslogngs connected from 127.0.0.1:2956 2004.08.16 20:42:26 LOG7[7690:1006693376]: SSL state (accept): before/accept initialization 2004.08.16 20:42:26 LOG7[7690:1006693376]: waitforsocket: FD=13, DIR=read 2004.08.16 20:42:26 LOG7[7690:1006690304]: syslogngs accepted FD=14 from 127.0.0.1:24856 2004.08.16 20:42:26 LOG7[7690:1006690304]: FD 14 in non-blocking mode 2004.08.16 20:42:26 LOG7[7690:1006763008]: syslogngs started 2004.08.16 20:42:26 LOG5[7690:1006763008]: syslogngs connected from 127.0.0.1:24856 2004.08.16 20:42:26 LOG7[7690:1006763008]: SSL state (accept): before/accept initialization 2004.08.16 20:42:26 LOG7[7690:1006763008]: waitforsocket: FD=14, DIR=read 2004.08.16 20:42:26 LOG7[7690:1006763008]: waitforsocket: ok 2004.08.16 20:42:26 LOG3[7690:1006763008]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol 2004.08.16 20:42:26 LOG7[7690:1006763008]: syslogngs finished (1 left) 2004.08.16 20:47:26 LOG7[7690:1006693376]: waitforsocket: timeout 2004.08.16 20:47:26 LOG7[7690:1006693376]: syslogngs finished (0 left) Have I made some glaring error that I'm not aware of? thanks mark