Chapter11. Logging
TheTelecommuting Module also produces log messages for SIP-related and VPN-related events as well as
administratorevents (when the administrator logs on or when a setting is changed). Here, you configure what will
happento these log messages.
Inbound traffic
Log class for non-SIP packets
Here,you select a log class for packets which are neither SIP packets, SIP session media streams, or
TelecommutingModule administration traffic and are therefore processed by the IP policy (discard or reject) that
youselected on the Basic Configuration page.
Log class for spoofed packets
Here,you select a log class for packets with obviously spoofed addresses. A spoofed IP address can be a
non-existingIP address on a network connection or packets where the sender or receiver address is an IP address in
therange 127.0.0.0 - 127.255.255.255.
Log class for DHCP requests
Here,you select a log class for DHCP requests. DHCP is a protocol used for dynamic allocation of IP addresses.
Requestsare sent by broadcast from computers wanting an IP address to a DHCP server. The Telecommuting
Modulelogs all DHCP related packets using the log class you select here. There are usually a lot of these packets,
sowe recommend using the log class "None", meaning that no packets are logged at all.
Log class for SNMP requests to the TelecommutingModule
Here,you select a log class for SNMP requests to the Telecommuting Module. SNMP is a protocol for monitoring
networkequipment such as firewalls and routers.
Log class for packets to the TelecommutingModule
Here,you select a log class for traffic addressed to the Telecommuting Module itself. Even if you select not to log
thistraffic, the configuration traffic to the Telecommuting Module will be logged according to the log class set on
theAccess Control page.
106