diff --git a/deployment_scripts/puppet/manifests/ironic-conductor.pp b/deployment_scripts/puppet/manifests/ironic-conductor.pp index d230e61..4e87302 100644 --- a/deployment_scripts/puppet/manifests/ironic-conductor.pp +++ b/deployment_scripts/puppet/manifests/ironic-conductor.pp @@ -126,9 +126,3 @@ service { $rsyslog::params::service_name: enable => true, } -firewall { '100 rsyslog' : - dport => '514', - proto => 'udp', - action => 'accept', -} - diff --git a/deployment_scripts/puppet/manifests/network-conductor.pp b/deployment_scripts/puppet/manifests/network-conductor.pp index eba9b6f..8e26c7d 100644 --- a/deployment_scripts/puppet/manifests/network-conductor.pp +++ b/deployment_scripts/puppet/manifests/network-conductor.pp @@ -11,6 +11,14 @@ $baremetal_network = get_network_role_property('ironic/baremetal', 'network') firewallchain { 'baremetal:filter:IPv4': ensure => present, } -> +firewall { '100 allow rsyslog': + chain => 'baremetal', + source => $baremetal_network, + destination => $baremetal_ipaddr, + proto => 'udp', + dport => '514', + action => 'accept', +} -> firewall { '101 allow TFTP': chain => 'baremetal', source => $baremetal_network, @@ -19,7 +27,7 @@ firewall { '101 allow TFTP': dport => '69', action => 'accept', } -> -firewall { '102 allow related': +firewall { '900 allow related': chain => 'baremetal', source => $baremetal_network, destination => $baremetal_ipaddr, diff --git a/deployment_scripts/puppet/modules/ironic/templates/55-server-ironic.conf.erb b/deployment_scripts/puppet/modules/ironic/templates/55-server-ironic.conf.erb index acf950a..4b27730 100644 --- a/deployment_scripts/puppet/modules/ironic/templates/55-server-ironic.conf.erb +++ b/deployment_scripts/puppet/modules/ironic/templates/55-server-ironic.conf.erb 
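Review bot: The new `100 allow rsyslog` rule in network-conductor.pp accepts UDP 514 from every address in `$baremetal_network`, and plain UDP syslog carries no sender authentication. The conductor will therefore store log lines with whatever tag and hostname a node on that segment supplies. Scoping the rule to the `baremetal` chain and to `$baremetal_ipaddr` is a clear tightening over the global rule removed from ironic-conductor.pp, but the remaining trust assumption should be written down above the resource, for example `# UDP syslog from the baremetal network is unauthenticated; treat the resulting logs as untrusted input`. `$baremetal_ipaddr` is defined outside this hunk, so I am assuming it is the conductor's own address on that network.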
@@ -32,7 +32,7 @@ $ActionQueueDequeueBatchSize 128 $ActionResumeRetryCount -1 $SystemLogRateLimitInterval 0 # disable rate limits for rsyslog - +$template RemoteLogIronic, "<%%pri%>%timestamp% %syslogtag:R,ERE,2,FIELD:(ironic/.​*/)(.*​)--end% %msg:::sp-if-no-1st-sp%%msg%\n" $template RemoteLogFile, "/var/log/remote/%syslogtag:R,ERE,1,DFLT:([A-Za-z][A-Za-z0-9_./-]*)--end%.log" -:FROMHOST, regex, "^[1-9]" -?RemoteLogFile;RemoteLog +:FROMHOST, regex, "^[1-9]" -?RemoteLogFile;RemoteLogIronic
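Review bot: The `:FROMHOST` action, now using `;RemoteLogIronic`, still takes its file name from the unchanged `RemoteLogFile` template, which builds the path under `/var/log/remote/` from the sender-supplied `%syslogtag%` with a character class that admits both `.` and `/`. A tag with `..` path segments therefore appears able to reach the dynafile name, so confirm how rsyslog handles that here and, if it does not reject it, discard such tags before the action. The property replacer's `secpath-replace` option is probably not a drop-in fix, because the `ironic/.../` directory layout seems to depend on slashes in the tag. The new template line also needs a comment, such as `# log only the tag part after the "ironic/.../" prefix; FIELD keeps the full tag when the pattern does not match`.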