1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. FVS124G
    5. /
  5. 22
Page 106 / 238 Scroll up to view Page 101 - 105
Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports
6-30
Firewall Protection and Content Filtering
202-10085-01, March 2005
Getting E-Mail Notifications of Event Logs and Alerts
Your router will log security-related events such as denied incoming service requests, hacker
probes, and administrator logins, according to your settings on this screen.
If you have set up content filtering on the Block Sites page (see
“Block Sites” on page 6-24
), you
can also log when someone on your network tried to access a blocked site.
In order to receive logs and alerts by e-mail, you must provide your e-mail information in the
E-Mail Logs subheading:
Table 6-6.
Port Triggering
Item
Description
Port Triggering
Rules
Enable - Indicates if the rule is enabled or disabled. Generally, there is no need to
disable a rule unless it interferes with some other function such as Port Forwarding.
Name - The name for this rule.
Outgoing Ports - The port or port range for outgoing traffic. An outgoing connection
using one of these ports will trigger this rule.
Incoming Ports - The port or port range used by the remote system when it
responds to the outgoing request. A response using one of these ports will be
forwarded to the PC which triggered this rule.
Adding a new Rule
To add a new rule, click the Add and enter the following data on the resulting
screen.
Name - enter a suitable name for this rule (e.g., the name of the application)
Enable/Disable - select the desired option.
Outgoing (Trigger) Port Range - enter the range of port numbers used by the
application when it generates an outgoing request.
Incoming (Response) Port Range - enter the range of port numbers used by the
remote system when it responds to the PC's request.
Modifying or Deleting
an existing Rule:
Select the desired rule by clicking the radio button beside the rule.
Click Edit or Delete as desired.
Checking Operation
and Status
To see which rules are currently being used, click the Status button. The following
data will be displayed:
Rule - the name of the Rule.
LAN IP Address - The IP address of the PC currently using this rule.
Open Ports - the Incoming ports which are associated the this rule. Incoming traffic
using one of these ports will be sent to the IP address above.
Time Remaining - The time remaining before this rule is released, and thus
available for other PCs. This timer is restarted whenever incoming or outgoing
traffic is received.
Page 107 / 238
Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports
Firewall Protection and Content Filtering
6-31
202-10085-01, March 2005
Figure 6-18:
Logs and E-mail screens
Click on View Log button to view various log messages generated by the Router.
In view log window To delete all log entries: Click Clear Log.
To see the most recent entries: Click Refresh.
To E-mail the log messages now: Click Send Log.
Log Identifier is a mandatory field to identify the log messages. This ID appended to log messages.
Page 108 / 238
Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports
6-32
Firewall Protection and Content Filtering
202-10085-01, March 2005
Items to include in the log:
Use these checkboxes to determine which events are included in the log. Selecting all events
will increase the size of the log, so it is good practice to disable any events which are not really
required.
Selecting an event under Include In Log will enable logging of messages pertaining to that
event. Ex: Selecting Admin Login, will enable generation of log messages whenever Admin
logs in.
Selecting an event under Include In Alerts will enable logging of messages pertaining to that
event. This category typically contains Internet Attack events. Ex: Selecting SYN Flood, will
enable generation of Alert messages whenever SYN Flood occurs.
Emailing logs:
If you have Email Logs enabled, you'll receive these logs in an Email message.
To receive alerts and logs by e-mail you have to enable Email Logs option.
In the Respond to Identd from SMTP Server check this box to respond to IDENT protocol.
In the Email Server address Enter E-mail outgoing SMTP mail server of your ISP (for
example, 172.16.1.10).
If you leave this box blank, no alerts or logs will be sent to you.
In the Return Email Address box, type the user's e-mail address.
In the Log / Alert Email box, type the e-mail address where the logs and alerts will be sent.
Use a full e-mail address (for example, [email protected]).
In the Authenticate with SMTP server Check this box to enable authentication for alerts
and logs.
In the User Name Box, fill the user name for SMTP authentication.
In the Password Box, fill the password for SMTP authentication.
Syslog—Enable or disable as required:
Disable - Select this if you don't have a Syslog server.
Enable - Syslog server IP address - If your Syslog server has a fixed IP address, select this
option, and enter the IP address of your Syslog server and select appropriate syslog facility.
Message length and frequency:
In the Log Queue Length box, set the logs queue length.
Page 109 / 238
Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports
Firewall Protection and Content Filtering
6-33
202-10085-01, March 2005
In the Log Threshold Time box, set the logs Threshold time.
In the Alert Queue Length box, set the alerts queue length.
Click Apply to have your changes take effect.
Syslog
You can configure the firewall to send system logs to an external PC that is running a syslog
logging program. Enter the IP address of the logging PC and click the Enable Syslog checkbox.
Logging programs are available for Windows, Macintosh, and Linux computers.
Viewing Logs of Web Access or Attempted Web Access
The firewall will log security-related events such as denied incoming and outgoing service
requests, hacker probes, and administrator logins.
If you enable content filtering in the Block Sites menu, the Log page will also show you when
someone on your network tried to access a blocked site.
If you enabled e-mail notification, you'll receive these logs in an e-mail message.
If you don't have e-mail notification enabled, you can view the logs here.
An example is shown in
Figure 6-19
. Log entries are described in
Table 6-7
and log action buttons
are described in
Table 6-8
.
Page 110 / 238
Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports
6-34
Firewall Protection and Content Filtering
202-10085-01, March 2005
Figure 6-19:
Firewall Logs menu
Table 6-7.
Log entry descriptions
Field
Description
Date and Time
The date and time the log entry was recorded.
Description or
Action
The type of event and what action was taken if any.
Source IP
The IP address of the initiating device for this log entry.

Rate

4 / 5 based on 1 vote.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top