1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. FVX538
    5. /
  5. 43
Page 211 / 240 Scroll up to view Page 206 - 210
ProSafe VPN Firewall 200 FVX538 Reference Manual
System Logs and Error Messages
C-5
v1.0, March 2009
Auto Rollover
When the WAN mode is configured for Auto Rollover, the primary link is active and secondary
acts only as a backup. When the primary link goes down, the secondary link becomes active only
until the primary link comes back up. The device monitors the status of the primary link using the
configured WAN Failure Detection method.
This section describes the logs generated when the WAN mode is set to Auto Rollover.
System Logs: WAN Status, Auto Rollover
Message
Nov 17 09:59:09 [FVX538] [wand] [LBFO] WAN1 Test Failed 1 of 3 times_
Nov 17 09:59:39 [FVX538] [wand] [LBFO] WAN1 Test Failed 2 of 3 times_
Nov 17 10:00:09 [FVX538] [wand] [LBFO] WAN1 Test Failed 3 of 3 times_
Nov 17 10:01:01 [FVX538] [wand] [LBFO] WAN1 Test Failed 4 of 3 times_
Nov 17 10:01:35 [FVX538] [wand] [LBFO] WAN1 Test Failed 5 of 3 times_
Nov 17 10:01:35 [FVX538] [wand] [LBFO] WAN1(DOWN), WAN2(UP),
ACTIVE(WAN2)_
Nov 17 10:02:25 [FVX538] [wand] [LBFO] WAN1 Test Failed 6 of 3 times_
Nov 17 10:02:25 [FVX538] [wand] [LBFO] Restarting WAN1_
Nov 17 10:02:57 [FVX538] [wand] [LBFO] WAN1 Test Failed 7 of 3 times_
Nov 17 10:03:27 [FVX538] [wand] [LBFO] WAN1 Test Failed 8 of 3 times_
Nov 17 10:03:57 [FVX538] [wand] [LBFO] WAN1 Test Failed 9 of 3 times_
Nov 17 10:03:57 [FVX538] [wand] [LBFO] Restarting WAN1_
Explanation
The Logs suggest that the fail-over was detected after 5 attempts instead of 3.
However, the reason the messages appear as above is because of the WAN
state transition logic which is part of the failover algorithm. The above logs can
be interpreted as below. The primary link failure is properly detected after the
3rd attempt. Thereafter the algorithm attempts to restart WAN and checks once
again to see if WAN1 is still down. This results in the 4th failure detection
message. If it is then it starts secondary link and once secondary link is up,
secondary link is marked as active. Meanwhile secondary link has failed once
more and that results 5th failure detection message. Please note that the 5th
failure detection and the message suggesting secondary link is active have the
same timestamp and so they happen in the same algorithm state-machine
cycle. So although it appears that the failover did not happen immediately after
3 failures, internally, the failover process is triggered after the 3rd failure and
transition to secondary link is completed by the 5th failure. The primary link is
also restarted every 3 failures till it is functional again. In the above log, primary
link was restarted after the 6th failure i.e. 3 failures after the failover process
was triggered.
Recommended Action
Check the WAN settings and WAN failure detection method configured for the
primary link.
Page 212 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
C-6
System Logs and Error Messages
v1.0, March 2009
PPP Logs
This section describes the WAN PPP connection logs. The PPP type can be configured from the
web management.
PPPoE Idle-Timeout Logs.
Table C-9. System Logs: WAN Status, PPE, PPPoE Idle-Timeout
Message
Nov 29 13:12:46 [FVX538] [pppd] Starting connection
Nov 29 13:12:49 [FVX538] [pppd] Remote message: Success
Nov 29 13:12:49 [FVX538] [pppd] PAP authentication succeeded
Nov 29 13:12:49 [FVX538] [pppd] local IP address 50.0.0.62
Nov 29 13:12:49 [FVX538] [pppd] remote IP address 50.0.0.1
Nov 29 13:12:49 [FVX538] [pppd] primary DNS address 202.153.32.3
Nov 29 13:12:49 [FVX538] [pppd] secondary DNS address 202.153.32.3
Nov 29 11:29:26 [FVX538] [pppd] Terminating connection due to lack of activity.
Nov 29 11:29:28 [FVX538] [pppd] Connect time 8.2 minutes.
Nov 29 11:29:28 [FVX538] [pppd] Sent 1408 bytes, received 0 bytes.
Nov 29 11:29:29 [FVX538] [pppd] Connection terminated.
Explanation
Message 1: PPPoE connection establishment started.
Message 2: Message from PPPoE server for correct login
Message 3: Authentication for PPP succeeded.
Message 4: Local IP address assigned by the server.
Message 5: Server side IP address.
Message 6: primary DNS configured in WAN status page.
Message 7: secondary DNS configured in WAN status page.
Message 8: The PPP link has transitioned to idle mode. This event occurs if
there is no traffic from the LAN network.
Message 9: The time in minutes for which the link has been up.
Message 10: Data sent and received at the LAN side during the link was up.
Message 11: PPP connection terminated after idle timeout
Recommended Action
To reconnect during idle mode, initiate traffic from the LAN side.
Page 213 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
System Logs and Error Messages
C-7
v1.0, March 2009
PPTP Idle-Timeout Logs.
PPP Authentication Logs.
Web Filtering and Content Filtering Logs
To enable web keyword filtering logs from the CLI, set the value of keywordLog to 1.
The CLI command is: monitor/firewallLogs/logger/loggerConfig keywordLog 1
Table C-10. System Logs: WAN Status, PPE, PPTP Idle-Timeout
Message
Nov 29 11:19:02 [FVX538] [pppd] Starting connection
Nov 29 11:19:05 [FVX538] [pppd] CHAP authentication succeeded
Nov 29 11:19:05 [FVX538] [pppd] local IP address 192.168.200.214
Nov 29 11:19:05 [FVX538] [pppd] remote IP address 192.168.200.1
Nov 29 11:19:05 [FVX538] [pppd] primary DNS address 202.153.32.2
Nov 29 11:19:05 [FVX538] [pppd] secondary DNS address 202.153.32.2
Nov 29 11:20:45 [FVX538] [pppd] No response to 10 echo-requests
Nov 29 11:20:45 [FVX538] [pppd] Serial link appears to be disconnected.
Nov 29 11:20:45 [FVX538] [pppd] Connect time 1.7 minutes.
Nov 29 11:20:45 [FVX538] [pppd] Sent 520 bytes, received 80 bytes.
Nov 29 11:20:51 [FVX538] [pppd] Connection terminated.
Explanation
Message 1: Starting PPP connection process
Message 2: Message from server for authentication success
Message 3: Local IP address assigned by the server.
Message 4: Server side IP address.
Message 5: primary DNS configured in WAN status page.
Message 6: secondary DNS configured in WAN status page.
Message 7: Sensing idle link
Message 8: Idle link sensed
Message 9: Data sent and received at the LAN side during the link was up.
Message 10: PPP connection terminated after idle timeout
Recommended Action
To reconnect during idle mode, initiate traffic from the LAN side.
Table C-11. System Logs: WAN Status, PPE, PPP Authentication
Message
Nov 29 11:29:26 [FVX538] [pppd] Starting link
Nov 29 11:29:29 [FVX538] [pppd] Remote message: Login incorrect
Nov 29 11:29:29 [FVX538] [pppd] PAP authentication failed
Nov 29 11:29:29 [FVX538] [pppd] Connection terminated.WAN2(DOWN)_
Explanation
Starting link: Starting PPPoE connection process
Remote message: Login incorrect: Message from PPPoE server for incorrect
login
PAP authentication failed: PPP authentication failed due to incorrect login
Connection terminated: PPP connection terminated
Recommended Action
If authentication fails, then check the login/password and enter the correct one.
Page 214 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
C-8
System Logs and Error Messages
v1.0, March 2009
Table C-12. System Logs: Web Filtering and Content Filtering
Message
Jan 23 16:36:35 [FVX538] [kernel] [KEYWORD_BLOCKED] [URL]==>[
www.redhat.com/ ] IN=SELF OUT=SELF SRC=192.168.10.210
DST=209.132.177.50 PROTO=TCP SPT=4282 DPT=80
Explanation
This packet is blocked by keyword blocking
The URL blocked due to keyword blocking is shown by [URL] along with
source and destination IP addressed, protocol, source port and destination
port.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Message
Jan 23 16:53:32 [FVX538] [kernel] [JAVA_BLOCKED] [URL]==>[
www.java.com/js/css.js ] IN=SELF OUT=SELF SRC=192.168.10.210
DST=72.5.124.95 PROTO=TCP SPT=4294 DPT=80
Explanation
This packet is blocked by content filtering with java components
The URL blocked due to java content filtering is [URL] along with source and
destination IP addressed, protocol, source port and destination port.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Message
Jan 23 16:56:08 [FVX538] [kernel] [COOKIE_BLOCKED] [URL]==>[
www.java.com/en/img/headline/340x155_sportsforeveryone.jpg ] IN=SELF
OUT=SELF SRC=192.168.10.210 DST=72.5.124.95 PROTO=TCP SPT=4321
DPT=80
Explanation
This packet is blocked by content filtering for cookies
The URL blocked due to cookie filtering shown by [URL] along with source
and destination IP addressed, protocol, source port and destination port.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Message
Jan 23 16:53:32 [FVX538] [kernel] [JAVA_BLOCKED] [URL]==>[
www.java.com/js/css.js ] IN=SELF OUT=SELF SRC=192.168.10.210
DST=72.5.124.95 PROTO=TCP SPT=4294 DPT=80
Explanation
This packet is blocked by content filtering with java components
The URL blocked due to java content filtering is [URL] along with source and
destination IP addressed, protocol, source port and destination port.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Page 215 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
System Logs and Error Messages
C-9
v1.0, March 2009
Traffic Metering Logs
Unicast Logs
ICMP Redirect Logs
Multicast/Broadcast Logs
Table C-13. System Logs: Traffic Metering
Message
Jan 23 19:03:44 [TRAFFIC_METER] TRAFFIC_METER: Monthly Limit of 10
MB has reached for WAN1._
Explanation
Traffic limit to WAN1 that was set as 10Mb has been reached.
This stops all the incoming and outgoing traffic if configured like that in “When
Limit is reached” on Traffic Meter web page.
Recommended Action
To start the traffic, restart the Traffic Limit Counter.
Table C-14. System Logs: Unicast
Message
Nov 24 11:52:55 [FVX538] [kernel] UCAST IN=SELF OUT=WAN SRC=192.168.10.1
DST=192.168.10.10 PROTO=UDP SPT=800 DPT=2049
Explanation
This packet (Unicast) is destined to the device from the WAN network.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Table C-15. System Logs: Unicast, Redirect
Message
Feb 2007 22 14:36:07 [FVX538] [kernel] [LOG_PACKET] SRC=192.168.1.49
DST=192.168.1.124 PROTO=ICMP TYPE=5 CODE=1
Explanation
This packet is ICMP Redirect message sent to the router bye another router.
For other parameters, refer to
Table C-1
.
Recommended Action
To enable these logs, from CLI command prompt of the router, enter this
command:
monitor/firewallLogs/logger/loggerConfig logIcmpRedirect 1
And to disable it,
monitor/firewallLogs/logger/loggerConfig logIcmpRedirect 0
Table C-16. System Logs: Multicast/Broadcast
Message
Jan 1 07:24:13 [FVX538] [kernel] MCAST-BCAST IN=WAN OUT=SELF
SRC=192.168.1.73 DST=192.168.1.255 PROTO=UDP SPT=138 DPT=138

Rate

4 / 5 based on 1 vote.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top