You know I had tried those good suggestions, and was about to give up when the problem 'magically' went away. By the way, both boxes are RH 7.2.
Actually I think I must not have been taking actions on the log client that would generate a write to the server. Since port 514 was not open and I was sure that it had to be, I thought there must have been some other problem.
Thanks to snort, I learned that the logs are received on the non-well-known and randomly chosen ports, not 514. This is contrary to what I had read. It seems to work out better this way though, as you can have no services running on dedicated ports. Adding a few chains/tables rules on top of that, the log server becomes much harder to detect from scanning programs.
Ahhhh, it's always such a relief when something that should work, actually does.