1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. SSL312
    5. /
  5. 22
Page 106 / 120 Scroll up to view Page 101 - 105
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
8-4
Monitoring and Logging
v1.1, November 2006
Event Log
The SSL VPN Concentrator provides web based logging. It also provides the ability to send log
messages to an external syslog server using the syslog protocol and to E-mail log files and alert
messages to an E-mail address or pager. To configure syslog and event log settings, see
“Log
Settings” on page 8-5
.
To view the SSL VPN Concentrator event log:
Click Event Log
under the Monitoring menu in the left navigation menu. The Event Log window
displays.
The Event Log window displays log messages in a sortable, searchable table. The SSL VPN
Concentrator stores 250Kb of log data or approximately one thousand log messages. Once the log
file reaches the log size limit, the log is cleared and, optionally, e-mailed to the SSL VPN
Concentrator administrator.
Each event log entry displays the following information (if applicable):
Time and date of log event.
The time stamp displays the date and time of log events. The time
and date is displayed as “Year-Month-Day Hour:Minute:Second”. Hours are displayed in 24-
hour clock format, so 2:00 PM is displayed as hour 14 in the event log. The date and time are
based on the local time of the SSL VPN Concentrator, which is configured on the Date and
Time screen under the System Configuration menu.
Source address. The Source IP address shows the IP address of the user or administrator that
generated the log event. The source IP address may not be displayed for certain events, such as
system errors.
Destination address. The destination IP address field shows the name or IP address that
received the event. For example, if a user accessed an Intranet web site through the SSL VPN
portal, the corresponding log entry would display the IP address or fully qualified domain
name of the web site accessed.
Figure 8-3
Page 107 / 120
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
Monitoring and Logging
8-5
v1.1, November 2006
User name. The User name field shows the authenticated name of the user or administrator
that generated the log event.
Log message. The message field describes the event that occurred. Examples of log messages
include
Administrator login successful
and
SSL VPN Concentrator
restarting
.
The event log table may be sorted and filtered.
To sort the event log by category:
1.
Click the category header to be sorted, such as Time or Source.
2.
Enter the search term in the Search field.
3.
Select an event category from the pull-down menu and click Find.
To filter messages:
1.
Enter the term to be filtered in the Search field.
2.
Select the event category from the pull-down menu and click Exclude.
To reset the search results and display all log messages, click Reset.
By default, 50 messages are displayed per page. If more than 50 events have been logged, then a
Page number menu will be displayed at the top of the event log table. Select the desired page
number from the Page menu to see archived log messages.
On the Log Settings page, you can configure the type of messages, such as warning and alert
messages, that will be displayed in the event log. You can also configure log rotate features on the
Log Settings page which will determine when to clear the log files.
Log Settings
The SSL VPN Concentrator supports web-based logging, syslog logging and e-mail alert
messages. In addition, the SSL VPN Concentrator may be configured to e-mail the event log file to
the SSL VPN Concentrator administrator before the log file is cleared.
Syslog is an industry-standard logging protocol that records system and networking activity. The
SSL VPN Concentrator syslog messages are sent in WELF (WebTrends Enhanced Log Format),
Note:
The Find and Exclude search tools are both case sensitive
Page 108 / 120
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
8-6
Monitoring and Logging
v1.1, November 2006
so most standard firewall and networking reporting products can accept and interpret the SSL VPN
Concentrator log files. The SSL VPN Concentrator syslog service transmits syslog messages to
external syslog server(s) listening on UDP port 514.
To configure Syslog Settings, E-mail Settings and Log and Alert Categories
for syslog and alert
settings:
1.
Under the System Configuration menu in the left navigation pane, click Log Settings.
2.
In the SysLog Settings section, enter the IP address or fully qualified domain name of your
syslog server in the Primary Syslog Server field. Leave this field blank if you do not require
syslog logging.
3.
If you have a backup or second syslog server, enter the IP address or domain name of the
Secondary Syslog Server in the Secondary Syslog Server field.
4.
In the E-mail Settings section:
Figure 8-4
Page 109 / 120
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
Monitoring and Logging
8-7
v1.1, November 2006
a.
To receive e-mail notification, enter your full e-mail address ([email protected]) in
the E-mail Event Logs to field. The event log file will be e-mailed to the specified
e-mail address before the event log is cleared. If this field is left blank, log files will not be
e-mailed.
b.
To receive alert messages via e-mail, enter your full e-mail address
([email protected]) or an e-mail pager address in the E-mail Alerts
to field. An
e-mail will be sent to the e-mail address specified if an alert event occurs.
c.
Enter the name or IP address of your mail server in the Mail Server field to e-mail log files
or alert messages. If this field is left blank, log files and alert messages will not be
e-mailed.
d.
Enter the e-mail address that log and alert messages will be e-mailed from in the Mail
From Address field.
e.
Configure how frequently log files will be e-mailed and cleared in the Send Event Logs
field. If When Full is selected, the event log will be e-mailed and then cleared when the
log file is full. If Daily or Weekly options are selected, then
The log file will be e-mailed and deleted on a daily or weekly basis.
The log file will still be cleared if the log file is full before the end of the period.
f.
From the Send Event Logs pull-down menu, select a schedule for sending Event Logs.
You can also manually clear the Event Logs by clicking Clear Log
.
5.
In the Log and Alert Categories section, define the priority level of events that will generate
Syslog Messages, Event Logs and Alert messages from the Syslog Messages, Event Log and
Alerts pull-down menus.
Log categories are organized from most to least critical. Once a category is selected, then all
events equal to or more critical than the selected log category and will be logged. The default
Log and Alert levels are:
Syslog Messages: Debug
Event Log: Debug
Alerts: Error
6.
Click Apply to confirm your settings.
Page 110 / 120
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
8-8
Monitoring and Logging
v1.1, November 2006
Diagnostics
Basic network diagnostic tools are available in the Diagnostics menu. Under the Monitoring menu
in the left navigation menu, click Diagnostics. The Diagnostics window displays.
The diagnostic functions available are:
Ping an IP Address
Enter an IP address and click Ping to send a ping packet request to the specified IP address.
The ping results will be displayed in a new screen; click Back to return to the Diagnostics
screen.
Trace an IP Address
Enter an IP address and click Trace to perform a traceroute to the specified IP address. The
trace results will be displayed in a new screen; click Back to return to the Diagnostics screen.
Perform a DNS Lookup
Enter an Internet Name (FQDN) and click Lookup to resolve the name to an IP address. A
DNS server address must be configured in your Network settings.
Restart the SSL VPN Concentrator
Click Reboot to restart the SSL VPN Concentrator.
Figure 8-5

Rate

4 / 5 based on 1 vote.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top