NETGEAR SRX5308 Router Manual PDF (Setup & Configuration Guide)

Page 361 / 469 Scroll up to view Page 356 - 360

Monitor System Access and Performance

361

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

6.

Click

Apply

to save your settings. The new account is added to the LAN Traffic Meter Table

on the LAN Traffic Meter screen.



To view the LAN IP traffic meter statistics:

In the LAN Traffic Meter Table, click the

Edit

table button to the right of the account for which

you want to view the statistics. The Edit LAN Traffic Meter Account screen displays. This

screen shows the same fields as the Add LAN Traffic Meter Account screen (see

Figure

231

on

page

360), together with the statistics at the bottom of the screen:

Figure 232.



To edit a LAN traffic meter account:

1.

In the LAN Traffic Meter Table, click the

Edit

table button to the right of the account that

you want to edit. The Edit LAN Traffic Meter Account screen displays. This screen shows

the same fields as the Add LAN Traffic Meter Account screen (see

Figure

231

on

page

360).

2.

Modify the settings as described in the previous table.

3.

Click

Apply

to save your settings.



To delete one or more LAN traffic meter accounts:

1.

In the LAN Traffic Meter Table, select the check box to the left of the account that you

want to delete, or click the

Select All

table button to select all accounts.

2.

Click the

Delete

table button.

Send e-mail report

before restarting

counter

An email report is sent immediately before the counter restarts. Ensure that emailing

of logs is enabled on the Firewall Logs & E-mail screen (see

Configure Logging,

Alerts, and Event Notifications

on page

362).

When Limit is reached

Block Traffic

Select one of the following radio buttons to specify what action the VPN firewall

performs when the traffic limit has been reached:

•

Block

. All incoming and outgoing Internet and email traffic is blocked.

•

Send Email Alert and Block

. An email alert is sent when all incoming and

outgoing Internet and email traffic is blocked. Ensure that emailing of logs is

enabled on the Firewall Logs & E-mail screen (see

Configure Logging, Alerts,

and Event Notifications

on page

362).

Table 89.

Add LAN Traffic Meter Account screen settings (continued)

Setting

Description

Page 362 / 469

Monitor System Access and Performance

362

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

Configure Logging, Alerts, and Event Notifications

You can configure the VPN firewall to log routing events such as dropped and accepted

packets, to log system events such as a change of time by an NTP server, secure login

attempts, and reboots, and to log other events. You can also schedule logs to be sent to the

administrator and enable logs to be sent to a syslog server on the network.



To configure and activate logs:

1.

Select

Monitoring > Firewall Logs & E-mail

. The Firewall Logs & E-mail screen

displays:

Figure 233.

Page 363 / 469

Monitor System Access and Performance

363

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

2.

Enter the settings as described in the following table:

Table 90.

Firewall Logs & E-mail screen settings

Setting

Description

Log Options

Log Identifier

Enter the name of the log identifier. The identifier is appended to log messages to identify

the device that sent the log messages. The default identifier is SRX5308.

Routing Logs

In the Accepted Packets and Dropped Packets columns, select check boxes to specify which traffic is

logged:

•

LAN to WAN

•

LAN to DMZ

•

DMZ to WAN

•

WAN to LAN

•

DMZ to LAN

•

WAN to DMZ

System Logs Option

Select the check boxes to specify which system events are logged:

•

Change of Time by NTP

. Logs a message when the system time changes after a request from an

NTP server.

•

Login Attempts

. Logs a message when a login is attempted. Both successful and failed login attempts

are logged.

•

Secure Login Attempts

. Logs a message when a secure login is attempted. Both successful and

failed secure login attempts are logged.

•

Reboots

. Logs a message when the VPN firewall has been rebooted through the web management

interface. (No message is logged when the factory default Reset button has been pressed.)

•

All Unicast Traffic

. All incoming unicast packets are logged.

•

All Broadcast/Multicast Traffic

. All incoming broadcast and multicast packets are logged.

•

WAN Status

. WAN link status–related events are logged.

•

Resolved DNS Names

. All resolved DNS names are logged.

•

VPN

. All VPN negotiation messages are logged.

Other Event Logs

Source MAC

Filter

Select this check box to log packets from MAC addresses that match the source MAC

address filter settings.

Session Limit

Select this check box to log packets that are dropped because the session limit has been

exceeded.

Bandwidth

Limit

Select this check box to log packets that are dropped because the bandwidth limit has been

exceeded.

Page 364 / 469

Monitor System Access and Performance

364

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

Enable E-mail Logs

Do you want

logs to be

emailed to

you?

Select the

Yes

radio button to enable the VPN firewall to email logs to a specified email

address. Complete the fields that are shown on the right side of the screen.

Select the

No

radio button to prevent the logs from being emailed, which is the default

setting.

E-Mail Server Address

The IP address or Internet name of your ISP’s outgoing email

SMTP server.

Note:

If you leave this field blank, the VPN firewall cannot send

email logs and alerts.

Return E-Mail Address

The email address of the sender for email identification purposes.

For example, enter [email protected].

Send to E-Mail

Address

The email address to which the logs are sent. Typically, this is the

email address of the administrator.

Custom SMTP Port

Enter the port number of the SMTP server for the outgoing email.

Select one of the following radio buttons to specify SMTP server authentication for the

outgoing email:

•

No Authentication

. The SMTP server does not require authentication.

•

Login Plain

. The SMTP server requires authentication with regular login. Specify the

user name and password to be used for authentication.

•

CRAM-MD5

. The SMTP server requires authentication with CRAM-MD5 login. Specify

the user name and password to be used for authentication.

Username

The user name for SMTP server authentication.

Password

The password for SMTP server authentication.

Respond to Identd

from SMTP Server

To respond to Ident protocol messages, select the

Respond to

Identd from SMTP Server

check box. The Ident protocol is a

relatively weak scheme to verify the sender of an email. (A

common daemon program for providing the Ident service is

Identd.)

Send e-mail logs by Schedule

Unit

Enter a schedule for sending the logs. From the Unit drop-down list, select one of the

following:

•

Never

. No logs are sent.

•

Hourly

. The logs are sent every hour.

•

Daily

. The logs are sent daily. Specify the time.

•

Weekly

. The logs are sent weekly. Specify the day and time.

Day

From the Day drop-down list, select the day on which the logs are sent.

Time

From the Time drop-down list, select the hour on which the logs are sent, and select either

the

a.m.

or

p.m.

radio button.

Table 90.

Firewall Logs & E-mail screen settings (continued)

Setting

Description

Page 365 / 469

Monitor System Access and Performance

365

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

3.

Click

Apply

to save your settings.

Note:

Enabling routing and other event logs might generate a significant

volume of log messages. NETGEAR recommends that you enable

firewall logs for debugging purposes only.



To view the routing logs, system logs, and other event logs onscreen:

1.

Select

Monitoring > Firewall Logs & E-mail

. The Firewall Logs & E-mail screen

displays.

2.

Click the

View Log

option arrow

in the upper right of the Firewall Logs & E-mail screen.

The View Log screen displays:

Enable SysLogs

Do you want

to enable

syslog?

To enable the VPN firewall to send logs to a specified syslog server, select the

Yes

radio

button. Complete the fields that are shown on the right side of the screen.

To prevent the logs from being sent, select the

No

radio button, which is the default setting.

SysLog Server

The IP address or FQDN of the syslog server.

SysLog Severity

All the logs with a severity that is equal to and above the severity

that you specify are logged on the specified syslog server. For

example, if you select LOG_CRITICAL as the severity, the logs

with the severities LOG_CRITICAL, LOG_ALERT, and

LOG_EMERG are logged.

Select one of the following syslog severities from the drop-down

list:

•

LOG DEBUG

. Debug-level messages.

•

LOG INFO

. Informational messages.

•

LOG NOTICE

. There are normal but significant conditions.

•

LOG WARNING

. There are warning conditions.

•

LOG ERROR

. There are error conditions.

•

LOG CRITICAL

. There are critical conditions.

•

LOG ALERT

. An action has to be taken immediately.

•

LOG EMERG

. The VPN firewall is unusable.

Table 90.

Firewall Logs & E-mail screen settings (continued)

Setting

Description

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share