NETGEAR FVS338 Router Manual PDF (Setup & Configuration Guide)

Page 86 / 178 Scroll up to view Page 81 - 85

FVS338 ProSafe VPN Firewall 50 Reference Manual

4-28

Firewall Protection and Content Filtering

v1.0, September 2006

:

To set up Firewall Logs and E-mail alerts:

1.

Select

Monitoring

from the main menu and then

Firewall Logs & E-mail

from the submenu.

The

Firewall Logs & E-mail

screen will display.

2.

Enter the name of the log in the

Log Identifier

field. Log Identifier is a mandatory field used

to identify the log messages. The ID appended to log messages.

3.

Enter a

Schedule

for sending the logs. From the

Unit

pull-down menu, select: Never, Hourly,

Daily, or Weekly. Then fill in the Day and Time fields that correspond to your selection.

Figure 4-18

Page 87 / 178

FVS338 ProSafe VPN Firewall 50 Reference Manual

Firewall Protection and Content Filtering

4-29

v1.0, September 2006

4.

In the

Security Logs

section, check the network segments radio box for which you would like

logs to be sent (for example, LAN to WAN under Dropped Packets).

5.

In the

System Logs

section, check the radio box for the type of system events to be logged.

6.

Check the

Yes

radio box to enable E-mail Logs. Then enter:

a.

E-mail Server address

– Enter the outgoing E-mail SMTP mail server address of your

ISP (for example, 172.16.1.10). If you leave this box blank, no logs will be sent to you.

b.

Return E-mail Address

– Enter the e-mail address of the user.

c.

Send To E-mail Address

– Enter the e-mail address where the logs and alerts should be

sent. You must use the full e-mail address (for example, [email protected]).

7.

The

No Authentication

radio box is checked by default. If your SMTP server authenticates

users, uncheck the radio box by selecting the authentication type—either

Login Plain

or

CRAM-MD5

—based on your SMTP server requirements. Then enter the user name and

password to be used for authentication.

8.

If you want to respond to IDENT protocol, check the

Respond to Identd from SMTP Server

radio box. The Ident Protocol is an Internet protocol that helps identify the user of a particular

TCP connection (a common daemon program for providing the ident service is identd).

9.

You can configure the firewall to send system logs to an external PC that is running a syslog

logging program. Click the

Yes

radio box to enable SysLogs and send messages to the syslog

server, then:

a.

Enter your

Syslog Server

IP address

b.

Select the appropriate syslog facility from the

SysLog Facility

pull-down menu. he

SysLog Facility levels of severity are described in

Table 4-3

below.

10.

Click

Reset

to cancel your changes and return to the previous settings.

11.

Click

Apply

to save your settings.

.

Table 4-3. SysLog Facility Message Levels

Numerical Code

Severity

0

Emergency: System is unusable

1

Alert: Action must be taken immediately

2

Critical: Critical conditions

3

Error: Error conditions

4

Warning: Warning conditions

Page 88 / 178

FVS338 ProSafe VPN Firewall 50 Reference Manual

4-30

Firewall Protection and Content Filtering

v1.0, September 2006

To view the Firewall logs:

1.

Click on the

View Log

icon opposite the

Firewall Logs & E-mail

tab. The

Logs

screen will

display.

2.

If the E-mail Logs options as been enabled, you can send a copy of the log by clicking

send

log.

3.

Click

refresh log

to retrieve the latest update; and click

clear log

to delete all entries.

Log entries are described in

Table 4-4

.

5

Notice: Normal but significant conditions

6

Informational: Informational messages

7

Debug: Debug level messages

Figure 4-19

Table 4-3. SysLog Facility Message Levels (continued)

Numerical Code

Severity

Page 89 / 178

FVS338 ProSafe VPN Firewall 50 Reference Manual

Firewall Protection and Content Filtering

4-31

v1.0, September 2006

Administrator Information

Consider the following operational items:

1.

As an option, you can enable remote management if you have to manage distant sites from a

central location (see

“Enabling Remote Management Access” on page 6-9

).

2.

Although setting firewall rules (see

“Using Rules to Block or Allow Specific Kinds of Traffic”

on page 4-1

) is the basic way of managing the traffic through your system, you can further

refine your control with the following features of the VPN firewall:

–

Groups and hosts (see

“Managing Groups and Hosts” on page 3-5

)

–

Services (see

“Services-Based Rules” on page 4-2

)

–

Schedules (see

“Setting a Schedule to Block or Allow Traffic” on page 4-20

)

–

Block sites (see

“Setting Block Sites (Content Filtering)” on page 4-21

)

–

Source MAC filtering (see

“Enabling Source MAC Filtering” on page 4-23

)

–

Port triggering (see

“Setting Up Port Triggering” on page 4-24

)

Table 4-4.

Log Entry Descriptions

Field

Description

Date and Time

The date and time the log entry was recorded.

Description or Action

The type of event and what action was taken if any.

Source IP

The IP address of the initiating device for this log entry.

Source port and

interface

The service port number of the initiating device, and whether it originated from the

LAN, WAN or DMZ.

Destination

The name or IP address of the destination device or Web site.

Destination port and

interface

The service port number of the destination device, and whether it’s on the LAN,

WAN or DMZ.

Page 90 / 178

FVS338 ProSafe VPN Firewall 50 Reference Manual

4-32

Firewall Protection and Content Filtering

v1.0, September 2006

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share