1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. SRX5308
    5. /
  5. 87
Page 431 / 469 Scroll up to view Page 426 - 430
System Logs and Error Messages
431
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Log Message Terms
This appendix uses the following log message terms.
System Log Messages
NTP
Login/Logout
System Startup
Reboot
Firewall Restart
IPSec Restart
Unicast, Multicast, and Broadcast Logs
WAN Status
Resolved DNS Names
VPN Log Messages
Traffic Meter Logs
Table 106.
Log message terms
Term
Description
[SRX5308]
System identifier.
[kernel]
Message from the kernel.
CODE
Protocol code (for example, protocol is ICMP, type 8) and CODE=0 means successful
reply.
DEST
Destination IP address of the machine to which the packet is destined.
DPT
Destination port.
IN
Incoming interface for packet.
OUT
Outgoing interface for packet.
PROTO
Protocol used.
SELF
Packet coming from the system only.
SPT
Source port.
SRC
Source IP address of machine from which the packet is coming.
TYPE
Protocol type.
Page 432 / 469
System Logs and Error Messages
432
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
This section describes log messages that belong to one of the following categories:
Logs generated by traffic that is meant for the VPN firewall.
Logs generated by traffic that is routed or forwarded through the VPN firewall.
Logs generated by system daemons, the NTP daemon, the WAN daemon, and other
daemons.
For information about how to select many of these logs, see
Configure Logging, Alerts, and
Event Notifications
on page
362.
NTP
This section describes log messages generated by the NTP daemon during synchronization
with the NTP server.
Login/Logout
This section describes logs generated by the administrative interfaces of the device.
Table 107.
System logs: NTP
Message
Nov 28 12:31:13 [SRX5308] [ntpdate] Looking Up time-f.netgear.com
Nov 28 12:31:13 [SRX5308] [ntpdate] Requesting time from time-f.netgear.com
Nov 28 12:31:14 [SRX5308] [ntpdate] adjust time server 69.25.106.19 offset
0.140254 sec
Nov 28 12:31:14 [SRX5308] [ntpdate] Synchronized time with time-f.netgear.com
Nov 28 12:31:16 [SRX5308] [ntpdate] Date and Time Before Synchronization: Tue
Nov 28 12:31:13 GMT+0530 2006
Nov 28 12:31:16 [SRX5308] [ntpdate] Date and Time After Synchronization: Tue
Nov 28 12:31:16 GMT+0530 2006
Nov 28 12:31:16 [SRX5308] [ntpdate] Next Synchronization after 2 Hours
Explanation
Message 1: DNS resolution for the NTP server (time-f.netgear.com).
Message 2: Request for NTP update from the time server.
Message 3: Adjust time by re-setting system time.
Message 4: Display date and time before synchronization, that is, when
resynchronization started.
Message 5: Display the new updated date and time.
Message 6: Next synchronization will be after the specified time.
Example: In these logs the next synchronization will be after 2 hours. The
synchronization time interval is configurable through the CLI.
Recommended action
None
Table 108.
System logs: login/logout
Message
Nov 28 14:45:42 [SRX5308] [login] Login succeeded: user admin from
192.168.10.10
Explanation
Login of user admin from host with IP address 192.168.10.10.
Page 433 / 469
System Logs and Error Messages
433
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
System Startup
This section describes the log message generated during system startup.
Reboot
This section describes the log message generated during system reboot.
Firewall Restart
This section describes logs that are generated when the VPN firewall restarts.
Recommended action
None
Message
Nov 28 14:55:09 [SRX5308] [seclogin] Logout succeeded for user admin
Nov 28 14:55:13 [SRX5308] [seclogin] Login succeeded: user admin from
192.168.1.214
Explanation
Secure login/logout of user admin from host with IP address 192.168.1.214.
Recommended action
None
Table 109.
System logs: system startup
Message
Jan 1 15:22:28 [SRX5308] [ledTog] [SYSTEM START-UP] System Started
Explanation
Log generated when the system is started.
Recommended action
None
Table 110.
System logs: reboot
Message
Nov 25 19:42:57 [SRX5308] [reboot] Rebooting in 3 seconds
Explanation
Log generated when the system is rebooted from the web management interface.
Recommended action
None
Table 111.
System logs: VPN firewall restart
Message
Jan 23 16:20:44 [SRX5308] [wand] [FW] Firewall Restarted
Explanation
Log generated when the VPN firewall is restarted.
This message is logged when the VPN firewall restarts after any changes in the
configuration are applied.
Recommended action
None
Table 108.
System logs: login/logout (continued)
Page 434 / 469
System Logs and Error Messages
434
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
IPSec Restart
This section describes logs that are generated when IPSec restarts.
Unicast, Multicast, and Broadcast Logs
ICMP Redirect Logs
Table 112.
System logs: IPSec restart
Message
Jan 23 16:20:44 [SRX5308] [wand] [IPSEC] IPSEC Restarted
Explanation
Log generated when the IPSec is restarted.
This message is logged when IPSec restarts after any changes in the configuration
are applied.
Recommended action
None
Table 113.
System logs: unicast
Message
Nov 24 11:52:55 [SRX5308] [kernel] UCAST IN=SELF OUT=WAN SRC=
192.168.10.1 DST=192.168.10.10 PROTO=UDP SPT=800 DPT=2049
Explanation
This packet (unicast) is sent to the device from the WAN network.
For other settings, see
Table
106
on page
431.
Recommended action
None
Table 114.
System logs: unicast, redirect
Message
Feb 2007 22 14:36:07 [SRX5308] [kernel] [LOG_PACKET] SRC=192.168.1.49
DST=192.168.1.124 PROTO=ICMP TYPE=5 CODE=1
Explanation
This packet is an ICMP redirect message sent to the device by another device.
For other settings, see
Table
106
on page
431.
Recommended action
To enable these logs, from the CLI command prompt of the VPN firewall, enter this
command:
monitor/firewallLogs/logger/loggerConfig logIcmpRedirect 1
And to disable it enter:
monitor/firewallLogs/logger/loggerConfig logIcmpRedirect 0
Page 435 / 469
System Logs and Error Messages
435
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Multicast/Broadcast Logs
WAN Status
This section describes the logs generated by the WAN component. If there are several ISP
links for Internet connectivity, the VPN firewall can be configured either in auto-rollover or
load balancing mode.
Load Balancing
When the WAN mode is configured for load balancing, all the WAN ports are active
simultaneously, and the traffic is balanced between them. If one WAN link goes down, all the
traffic is diverted to the other WAN links that are active.
This section describes the logs generated when the WAN mode is set to load balancing.
Auto-Rollover
When the WAN mode is configured for auto-rollover, the primary link is active, and the
secondary link acts only as a backup. When the primary link goes down, the secondary link
becomes active only until the primary link comes back up. The VPN firewall monitors the
status of the primary link using the configured WAN failure detection method.
Table 115.
System logs: multicast/broadcast
Message
Jan 1 07:24:13 [SRX5308] [kernel] MCAST-BCAST IN=WAN OUT=SELF SRC=
192.168.1.73 DST=192.168.1.255 PROTO=UDP SPT=138 DPT=138
Explanation
This multicast or broadcast packet is sent to the device from the WAN network.
For other settings, see
Table
106
on page
431.
Recommended action
None
Table 116.
System logs: WAN status, load balancing
Message
Dec 1 12:11:27 [SRX5308] [wand] [LBFO] Restarting WAN1_
Dec 1 12:11:31 [SRX5308] [wand] [LBFO] Restarting WAN2_
Dec 1 12:11:35 [SRX5308] [wand] [LBFO] WAN1(UP), WAN2(UP)_
Dec 1 12:24:12 [SRX5308] [wand] [LBFO] WAN1(UP), WAN2(DOWN)_
Dec 1 12:29:43 [SRX5308] [wand] [LBFO] Restarting WAN2_
Dec 1 12:29:47 [SRX5308] [wand] [LBFO] WAN1(UP), WAN2(DOWN)_
Explanation
Message 1 and Message 2 indicate that both the WANs are restarted.
Message 3: This message shows that both the WANs are up and the traffic is
balanced between the two WAN interfaces.
Messages 4, 5, and 6: These messages show that one of the WAN links is down,
and that restarting the WAN link does not resolve the situation. At this point, all the
traffic is directed through the WAN that is up.
Recommended action
None

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top