1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. SRX5308
    5. /
  5. 90
Page 446 / 469 Scroll up to view Page 441 - 445
System Logs and Error Messages
446
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
DMZ to LAN Logs
WAN to DMZ Logs
Other Event Logs
Session Limit Logs
Source MAC Filter Logs
Bandwidth Limit Logs
This section describes the log messages generated by other events such source MAC
filtering, session limiting, and bandwidth limiting. For information about how to select these
logs, see
Configure Logging, Alerts, and Event Notifications
on page
362.
Session Limit Logs
Table 137.
Routing logs: DMZ to WAN
Message
Nov 29 09:44:06 [SRX5308] [kernel] DMZ2LAN[DROP] IN=DMZ OUT=LAN SRC=
192.168.20.10 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0
Explanation
This packet from DMZ to LAN has been dropped by the firewall.
For other settings, see
Table
106
on page
431.
Recommended action
None
Table 138.
Routing logs: WAN to DMZ
Message
Nov 29 09:19:43 [SRX5308] [kernel] WAN2DMZ[ACCEPT] IN=WAN OUT=DMZ
SRC=192.168.1.214 DST=192.168.20.10 PROTO=ICMP TYPE=8 CODE=0
Explanation
This packet from WAN to DMZ has been allowed by the firewall.
For other settings, see
Table
106
on page
431.
Recommended action
None
Table 139.
Other event logs: session limit logs
Message
2000 Jan 1 06:53:33 [SRX5308] [kernel] SESS_LIMIT[DROP] IN=LAN OUT=WAN
SRC=192.168.11.2 DST=20.0.0.1 PROTO=TCP SPT=50709 DPT=21
Explanation
When two FTP sessions are established from the same LAN host at IP address
192.168.11.2 and a session limit (SESS_LIMIT) is set as 1, the FTP packets from
the second session are dropped.
Recommended action
Change the session limit to 2 to prevent packets from being dropped.
Page 447 / 469
System Logs and Error Messages
447
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Source MAC Filter Logs
Bandwidth Limit Logs
DHCP Logs
This section explains the log messages that are generated when a host is assigned a
dynamic IP address. These messages are displayed on the DHCP Log screen (see
View the
DHCP Log
on page
387).
Table 140.
Other event logs: source MAC filter logs
Message
2000 Jan 1 06:40:10 [SRX5308] [kernel] SRC_MAC_MATCH[DROP] SRC MAC =
00:12:3f:34:41:14 IN=LAN OUT=WAN SRC=192.168.11.3 DST=209.85.153.103
PROTO=ICMP TYPE=8 CODE=0
Explanation
Because MAC address 00:12:3f:34:41:14 of LAN host with IP address
192.168.11.3 is filtered so that it cannot access the Internet, the packets sent by
this MAC address to the Google server at address 09.85.153.103 are dropped.
Recommended action
Disable source MAC filtering.
Table 141.
Other event logs: bandwidth limit, outbound bandwidth profile
Message
2000 Jan 1 00:10:36 [SRX5308] [kernel] [BW_LIMIT_DROP] IN=LAN OUT=WAN
SRC=192.168.100.2 DST=22.0.0.2 PROTO=ICMP TYPE=144 CODE=145
TC_INDEX=10 CLASSID=10:5
Explanation
This log is generated when an outbound packet is dropped because the packet size
exceeds the specified bandwidth limit.
Recommended action
Ensure that the packet size is within the specified bandwidth limit.
Table 142.
Other event logs: bandwidth limit, inbound bandwidth profile
Message
2000 Jan 1 00:08:21 [SRX5308] [kernel] [BW_LIMIT_DROP] IN=LAN OUT=WAN
SRC=22.0.0.2 DST=192.168.100.2 PROTO=ICMP TYPE=112 CODE=113
TC_INDEX=10 CLASSID=10:2
Explanation
This log is generated when an inbound packet is dropped because the packet size
exceeds the specified bandwidth limit.
Recommended action
Ensure that the packet size is within the specified bandwidth limit.
Page 448 / 469
System Logs and Error Messages
448
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Table 143.
DHCP logs
Message 1
Message 2
Message 3
Message 4
Message 5
Message 6
Message 7
2000 Jan 1 07:27:28 [SRX5308] [dhcpd] Listening on
LPF/eth0.1/00:11:22:78:89:90/192.168.11/24
2000 Jan 1 07:27:37 [SRX5308] [dhcpd] DHCPRELEASE of 192.168.10.2 from
00:0f:1f:8f:7c:4a via eth0.1 (not found)
2000 Jan 1 07:27:47 [SRX5308] [dhcpd] DHCPDISCOVER from 00:0f:1f:8f:7c:4a
via eth0.1
2000 Jan 1 07:27:48 [SRX5308] [dhcpd] DHCPOFFER on 192.168.11.2 to
00:0f:1f:8f:7c:4a via eth0.1
2000 Jan 1 07:27:48 [SRX5308] [dhcpd] Wrote 2 leases to leases file.
2000 Jan 1 07:27:48 [SRX5308] [dhcpd] DHCPREQUEST for 192.168.11.2
(192.168.11.1) from 00:0f:1f:8f:7c:4a via eth0.1
2000 Jan 1 07:27:48 [SRX5308] [dhcpd] DHCPACK on 192.168.11.2 to
00:0f:1f:8f:7c:4a via eth0.1
Explanation
Message 1: The DHCP server is listening on eth0.1.
Message 2: Release of the currently assigned IP address from the host by the
DHCP server.
Message 3: DHCP broadcast by the host is discovered by the DHCP server.
Message 4: The DHCP server offers a new IP address to the host’s current network
interface.
Message 5: Two new leases are written to the lease file.
Message 6: DHCP is requested to assign the new IP address by the host.
Message 7: DHCP acknowledgment to the current network interface from the
server on assignment of the new IP address.
Recommended action
None
Page 449 / 469
449
D
D.
Two-Factor Authentication
This appendix provides an overview of two-factor authentication, and an example of how to
implement the WiKID solution. This appendix contains the following sections:
Why Do I Need Two-Factor Authentication?
NETGEAR Two-Factor Authentication Solutions
Page 450 / 469
Two-Factor Authentication
450
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Why Do I Need Two-Factor Authentication?
What Are the Benefits of Two-Factor Authentication?
What Is Two-Factor Authentication?
In today’s market, online identity theft and online fraud continue to be one of the fast-growing
cybercrime activities used by many unethical hackers and cybercriminals to steal digital
assets for financial gains. Many companies and corporations are losing millions of dollars and
running into risks of revealing their trade secrets and other proprietary information as a result
of these cybercrime activities. Security threats and hackers have become more
sophisticated, and user names, encrypted passwords, and the presence of firewalls are no
longer enough to protect the networks from being compromised. IT professionals and
security experts have recognized the need to go beyond the traditional authentication
process by introducing and requiring additional factors in the authentication process.
NETGEAR has also recognized the need to provide more than just a firewall to protect the
networks. NETGEAR has implemented a more robust authentication system known as
two-factor authentication (2FA or T-FA) to help address the fast-growing network security
issues.
What Are the Benefits of Two-Factor Authentication?
Stronger security
. Passwords cannot efficiently protect the corporate networks because
attackers can easily guess simple passwords or users cannot remember complex and
unique passwords. One-time passcode (OTP) strengthens and replaces the need to
remember complex password.
No need to replace existing hardware
. Two-factor authentication can be added to
existing NETGEAR products through a firmware upgrade.
Quick to deploy and manage
. The WiKID solution integrates seamlessly with the
NETGEAR SSL and VPN firewall products.
Proven regulatory compliance
. Two-factor authentication has been used as a
mandatory authentication process for many corporations and enterprises worldwide.
What Is Two-Factor Authentication?
Two-factor authentication is a security solution that enhances and strengthens security by
implementing multiple factors of the authentication process that challenge and confirm the
users’ identities before they can gain access to the network. There are several factors that
are used to validate the users to make sure that you are who you say you are. These factors
are:
Something you know—for example, your password or your PIN.
Something you have—for example, a token with generated passcode that is 6 to 8 digits
in length.
Something you are—for example, biometrics such as fingerprints or retinal prints.

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top