Packet Type Selection, IP Address Selection | HP VCX Software

Chapter 9. Logging

Packet Type Selection

You can limit the selection to only allowed packets or rejected/discarded packets, or a subset of these. For example, you can select allowed, un-NAT:ed packets only.

IP Address Selection

You can limit the selection by specifying certain IP addresses.

In these ﬁelds, enter a single IP address (e. g., 10.3.27.3), a range of IP addresses (e. g., 10.3.27.1-10.3.28.254), an IP address followed by a netmask (e. g.,10.3.27.0/24), a combi- nation of these, or nothing at all. If a ﬁeld is empty, all IP addresses are selected.

If you want to study all trafﬁc except the one to or from a speciﬁc computer or group of computers, enter the IP address(es) here and mark the "not this address" box.

The selection can be modiﬁed by the control boxes under the ﬁelds A and B:

A src	Packets from the IP address in ﬁeld A matches. Field B is ignored.
A dst	Packets to the IP address in ﬁeld A matches. Field B is ignored.
A any	Packets to or from the IP address in ﬁeld A matches. Field B is
	ignored.
A to B	Packets from A to B matches.
B to A	Packets from B to A matches.
Between A&B	Packets from A to B, or from B to A, matches.
not this combination	Packets that do not match the given combination of A and B are
	shown in the log.

If you, for example, want to study all packets to or from 10.3.27.18, except those to the ﬁle server 10.3.27.2, you should ﬁll in the form like this:

Protocol/Port Selection

You can limit the selection by specifying certain protocols.

All IP protocols

No restriction regarding protocols.

TCP/UDP

When selecting TCP or UDP, you can choose all packets or packets to certain ports only.

In these ﬁelds, you can enter a single port number (32), a range of port numbers (1-1023), a list of port numbers and ranges separated by commas (53, 1024-65535) or nothing at all. If

139

Image 147

HP VCX Software manual Packet Type Selection, IP Address Selection, Protocol/Port Selection, All IP protocols

Contents

Version 3Com Telecommuting ModulePage United States Government Legend Page Table of Contents Page Part I. Introduction to 3Com VCX IP Telecommuting Module Page What is a Telecommuting Module? Introduction to 3Com VCX IP Telecommuting ModuleConﬁguration alternatives DMZ/LAN Conﬁguration DMZ Conﬁguration Standalone Conﬁguration Quick guide to 3Com VCX IP Telecommuting Module installation Introduction to 3Com VCX IP Telecommuting Module About settings in 3Com VCX IP Telecommuting Module Introduction to 3Com VCX IP Telecommuting Module Installation with a serial cable Installing 3Com VCX IP Telecommuting ModuleInstallation Installation with magic pingPage Page Page Page Installation with a diskette Page Page Remember to lock up the Telecommuting Module Turning off a Telecommuting Module Installing 3Com VCX IP Telecommuting Module Conﬁguring 3Com VCX IP Telecommuting Module Logging onLog on again Navigation Log outSite Map Network Conﬁguration AdministrationSIP Services Basic Conﬁguration Virtual Private Networks Quality of ServiceOverview of conﬁguration Failover Preliminary and permanent conﬁguration Page Mask/Bits IP address No. of computers Mask Bits Name queries in 3Com VCX IP Telecommuting ModulePage Conﬁguring 3Com VCX IP Telecommuting Module Part II. How To Page How To Conﬁgure SIP DMZ Telecommuting Module, SIP server on the WANNetworks and Computers Surroundings Interoperability Basic Settings Routing Filtering Save/Load Conﬁguration DMZ Telecommuting Module, SIP server on the LAN Networks and Computers Basic Settings Routing Standalone Telecommuting Module, SIP server on the WAN Basic Settings Filtering Standalone Telecommuting Module, SIP server on the LAN Client Settings Basic Settings Interoperability DMZ/LAN Telecommuting Module, SIP server on the WAN Basic Settings Filtering DMZ/LAN Telecommuting Module, SIP server on the LAN Interoperability Filtering LAN Telecommuting Module Surroundings Filtering Remote SIP Connectivity Firewall How To Conﬁgure SIP Outgoing Calls How To Conﬁgure Advanced SIP Show One Number When Calling Show Different Numbers When Calling Incoming Calls Page Authentication by Accounts a.k.a SIP Trunk via SIP accounts Page Page Page Incoming Calls Page Multiple Operators Least Cost Routing Page Multiple PBXs How To Conﬁgure Advanced SIP How To Conﬁgure Advanced SIP Page Page Page Page Name of this Telecommuting Module Basic ConﬁgurationBasic Conﬁguration General Default domain IP Policy DNS ServersPolicy For Ping To Your 3Com VCX IP Telecommuting Module Look up all IP addresses again Access ControlCancel Save User Authentication For Web Interface Access Conﬁguration Allowed Via InterfaceConﬁguration Transport Conﬁguration via Https Conﬁguration via Http Conﬁguration Computers Conﬁguration via SSHDNS Name Or Network Address Via IPsec Peer Network addressNetmask/Bits Range Radius Secret Radius ServersRadius server Port Identiﬁer Contact IP AddressStatus for Radius Servers Consecutive sends ScoreSent requests Received replies Value Conﬁguration of a Radius server Node location Snmp v1 and v2cTelecommuting Module IP address to respond to Snmp requests Contact person Community Access via SNMPv1 and SNMPv2cAccess via SNMPv3 Snmp User PasswordAuthentication Snmp Traps Version Resource MonitoringTrap sending function Trap receiver CPU Load Trap Levels Download the 3Com MIBSIP Sessions Trap Levels SIP User Registrations Trap Levels Use DynDNS Dynamic DNS updateDynDNS service DynDNS General Conﬁguration Username IP address for updatesUser, Smtp Server Wildcard hostnames Ofﬂine URL redirection DNS Name DNS Names to Update at DynDNSSmtp server is backup Smtp server Certiﬁcate CertiﬁcatesPrivate Certiﬁcates Name Create certiﬁcate or certiﬁcate request CA Certiﬁcates Timeouts AdvancedCA Certiﬁcate Timeout for Icmp connections Timeout for one-way UDP connectionsTimeout for two-way UDP connections Timeout for established TCP connections DMZ/LAN Conﬁguration Telecommuting Module Type conﬁguration Current Telecommuting Module TypeChange Telecommuting Module Type to Change type Test Preliminary Conﬁguration AdministrationDuration of limited test mode Save/Load Conﬁguration Backup Show Message About Unapplied ChangesApply conﬁguration Save/Load CLI Command File Reload Factory Conﬁguration Show ConﬁgurationRevert to Old Conﬁgurations Abort All Edits User Administration Password For the ’admin’ AccountOld password Account Type New password, Conﬁrm passwordChange administration password Other Accounts Currently Logged In Administrators Step UpgradeUpgrade Log Out Table Look Try the upgradeAccept upgrade Abort upgrade Edit Column Change Time Zone Date and Time Set date and time manually Change Date and Time ManuallyDate Time NTP Servers To Use If NTP Is Enabled Change Date and Time With NTPSynchronize time with NTP Automatic Restart of the SIP Module Reboot Your 3Com VCX IP Telecommuting ModuleRestart Restart the SIP Module Administration Administration 118 Networks and Computers Network Conﬁguration Name SubgroupLower Limit Create Upper LimitInterface/VLAN Delete Row Interface Default GatewayMain Default Gateways Priority Gateway Reference Hosts Policy For Packets From Unused Gateways Interface Network Interface 1 Physical deviceInterface name Obtain IP Address Dynamically Directly Connected Networks Vlan Name AliasBroadcast address Vlan Id Static Routing Router Routed network Named VLANs Vlan Interface Status Interface Status PPPoE Client Status Dhcp Client Status Authentication PPPoEKeep Alive Surroundings LCP echo-request intervalLog class for PPPoE negotiations Data Interfaces NetworkAdditional Negotiators Select a data interface here Network Conﬁguration 136 Display log LoggingDisplay Log Search the Log Packet Selection Support Report All IP protocols Packet Type SelectionIP Address Selection Protocol/Port Selection Icmp IP addresses SIP Packet SelectionCall-ID SIP Methods Time Limits Show This Export the LogShow newest at top Clear form Log RST Display Load Unit Packet LoadTime Period Direction Value View diagram DiagramDiagram Size Diagram Heading Log class for broadcast packets Inbound TrafﬁcLog class for non-SIP packets Log class for spoofed packets Log class for Dhcp requests Log class for email errorsLog class for Radius errors Log class for Snmp errors Log class for ESP packets VPN EventsLog class for IPsec key negotiations Log class for IPsec key negotiation debug messages SIP Events Other Log Classes Email AddressLocal Log Syslog Log Sending Smtp Server Status for Outbound EmailSyslog Servers Reverts the ﬁelds to the previous conﬁguration 157 Logging 158 SIP Module SIP ServicesAdministration of SIP Basic Settings Comment Additional SIP Signaling PortsProvisioning Relay Transport SIP Media Port Range Public IP address for NATed Telecommuting ModuleSIP Servers To Monitor Server SIP Logging Log class for SIP signaling Interoperability Loose RoutingRelaxed Refer-To Except this from translation Remove Via HeadersTranslation Exceptions SIP Server Expires Header Force TranslationAlways Translate This URI Encoding Signaling Order of Re-INVITEs Loose Username CheckUser Matching Force Record-Route for All Requests Accept RTP/AVP With sdescriptionsTransmit RTP/AVP With sdescriptions Force Record-Route for Outbound Requests Accept TCP Marked As TLS Force Remote TLS Connection Reuse Remove Headers in 180 Responses Allow Large UDP Packets Forward Cancel Body Use Cancel Body In ACKPreserve RFC 2543 Hold Allow RFC 2069 Authentication Open Port 6891 For File TransferConvert Escaped Whitespaces in URIs Keep User-Agent Header When Acting as B2BUA Strip ICE AttributesPorts and the maddr Attribute Session Conﬁguration Session timerTimeout for SIP over TCP/TLS Sessions and Media Media Conﬁguration Allowed number of concurrent sessionsLimitation of sender of media streams Limitation of RTP Codecs This Codec Is Allowed CodecsType Name Ring Tone for Local Ringback Local RingbackMusic on Hold Redirection Local Ringback Played at Call Transfer SIP blacklist interval Default timeout for Invite requestsMaximum timeout for Invite requests Requests Maximum number of retransmissions for non-INVITE requests Base retransmission timeout for SIP requestsRemote SIP Connectivity Maximum number of retransmissions for Invite requests Stun ports Stun ServerStun server Stun server IP addresses IP Address for Remote Clients Remote Clients Signaling ForwardingRemote NAT Traversal Remote NAT traversal NAT keepalive method NAT timeout for UDPNAT timeout for TCP Forward Signaling from IP Address SIP Methods SIP Trafﬁc Auth MethodTrafﬁc To Allow Action FilteringSender IP Filter Rules From Network Allow Content TypesDefault Policy For SIP Requests Content Type Header Filter Rules Default Header Filter Policy Local RegistrarLocal SIP Domains Domain Local SIP User Database Authentication and Accounting Authentication NameRegister From SIP User Database Authentication settings Network Asserted-IdentityUse P-Asserted-Identity Trusted Domains Emergency Number Dial PlanRadius Accounting Use Dial Plan Reg Expr Matching From Header Tail Matching Request-URIPreﬁx Head Min. Tail Forward To Subno Replacement URI Dial Plan Enum Root Request-URIForward To Add Preﬁx Methods in Dial Plan MethodRegister in Dial Plan Enum Root Routing DNS Override For SIP Requests Port WeightSIP Routing Order Relay To Routing Function Class 3xx Message Processing User Static RegistrationsRequests To User Also Forward To Sip/sips Local Refer HandlingAlways handle Refer locally For clients not supporting Refer From URIs For Which Refer is Handled Locally For clients not supporting replacesFor dialogs with speciﬁed From URI For dialogs with speciﬁed User-Agent header User Routing AliasRestrict Incoming Callers Forward Send To Voice MailAction Voice Mail Server Domain or IP Address Outbound ProxyFrom Domain Request-URI Domain Gateway Tel URIs Registrar and Session Status Active SessionsMonitored SIP Servers Registered from Registered UsersMonitored SIP server Monitored SIP server status IP Address Selection ToolsPacket Capture Network Interface Selection Tools Any Icmp Test Results Check NetworkCollect data Check NetworkPage Tools 222 SIP over TCP/TLS Firewall and Client ConﬁgurationDMZ type SIP over UDP SIP clients DMZ/LAN type Standalone type SIP clients Part IV Com VCX IP Telecommuting Module Serial Console Page Basic Administration Connecting to the serial consoleMain Menu Wipe email logs Set passwordCommand line interface Exit admin Deactivate other interfaces Physical device name Conﬁgure from multiple computers Conﬁgure from a single computer Password Wipe email logs Exit admin Set password Basic Administration 236 Command Line Reference Command ReferenceHelp and Troubleshooting Modifying Tables Revert-edits List-tablesLoad-factory Modify-row Table Deﬁnitions Conﬁg.allowconﬁg Conﬁg.allowviainterfaceConﬁg.authlogclass Conﬁg.mgmtlogclass Conﬁg.authenticationConﬁg.httpservers Conﬁg.httpsservers Fentalwaysfentinterfaces Failover.ifacerefhostsFent.alwaysfent Fentalwaysfentexceptions Fent.mediarelease Fent.mapsignaladdressField Name Field Type Explanation Enabled OnOffToggle Fent.fentkeepalive ﬁrewall.dhcplogclass ﬁrewall.defaultpolicyﬁrewall.blindroutepolicy ﬁrewall.broadcastlogclass ﬁrewall.networkgroups ﬁrewall.ownlogclassﬁrewall.pingpolicy ﬁrewall.timeclasses ﬁrewall.servicesﬁrewall.policylogclass ﬁrewall.spooﬁnglogclass Idsips.predeﬁnedipsrules Idsips.active Ipsec.espahlogclass Idsips.ratelimitedipsIpsec.cryptodef Ipsec.espproposals Ipsec.nattkeepalive Ipsec.ikelogclassIpsec.ikeproposals Ipsec.ipsecnets Field Name Field Type Ipsec.plutologclassIpsec.plutoverboselogclass Ipsec.radiusauthserver Ipsec.tunnelednets Ipsec.userauthlogclassIpsec.x509cacerts Misc.dyndns Misc.conntracktimeoutsIpsec.x509cert Misc.dnsservers Field Name Field Type Explanation DomainName Misc.dyndnsnameMisc.fversion Misc.ntpservers Monitor.emailalertlogclass Monitor.cpuloadlevelalarmMisc.unitname Misc.usentp Monitor.logclasses Monitor.memorylevelalarmMonitor.radiuserrorslogclass Monitor.hardwarelogclass Monitor.siplevelalarms Monitor.snmpagentaddressMonitor.snmpagentlogclass Monitor.snmppacketlogclass Monitor.snmpcontactpersonMonitor.snmpmanagementstations Monitor.snmpnodelocation Monitor.snmpv1v2cauth Monitor.snmpv1v2caccessMonitor.snmpv3access Monitor.snmptrapsending Network.aliasaddresses Network.extradefaultgatewaysMonitor.syslogservers Monitor.watchdogs Network.interfaces Network.localnetsNetwork.pppoe Field Name Field Type Explanation Server DnsIpAddress Network.routetestserversNetwork.routes Network.vlans Pptp.pptplogclass Password.adminusersPptp.pptpenable Pptp.grelogclass Field Name Field Type Explanation PPTPOwnIpReference Pptp.pptpserveripPptp.pptpusers Pptp.pptpneglogclass Qos.classes Qos.bandwidths Qos.egressdefaultqueueing Qos.ingressdefaultqueueingQos.egressqueueing Qos.tagging Qos.ingressqueueingQos.sipcac Qos.status Sip.allowedcodecs Sip.acceleratedtlsSip.active Sip.addexpireheader Sip.codecﬁltering Sip.defaultgatewaySip.authmethods Sip.b2buaofferfromtemplate Field Name Field Type Explanation DnsIpAddress Sip.emergencySip.externradiusdb Sip.externalrelay Sip.forwardtoheader Sip.forwardcancelbodySip.ﬁxﬁletransferport Sip.forcemodify Field Name Field Type Explanation Action Sipﬁlteractionsel Sip.headerﬁlterdefaultSip.headerﬁlterrules Sip.ignoreuriportwhenmaddr Sip.localdomains Sip.largeudpSip.lcscompanion Sip.listen Sip.mediaencryptionpolicy Sip.looserefertoSip.looseusernamecheck Sip.lrtrue Field Name Field Type Explanation Portslower PortNumber Sip.mediaencryptionsettingsSip.mediaencryptionsuite Sip.mediaports Sip.mfull Sip.mediatimeoutsSip.mediarestriction Sip.message Sip.musiconhold Sip.optiontimeoutSip.mimetypes Sip.monitorserver Sip.preserve2543hold Field Name Field Type Explanation Timeout OptionTimeoutSip.outboundproxy Sip.percent20towhitespace Sip.relayrules Sip.radiusacctSip.recurseon3xxinb2bua Sip.registrarlimits Sip.ringback Sip.removeviaSip.replyconﬁg Sip.rewritetoforregisterindp Sip.rrouteoutbound Sip.routeusesportSip.routingorder Sip.rroutealways Sip.sipalias Sip.signaladdressfordestinationSip.siperrorslogclass Sip.sessionlimits Sip.sipmessagelogclass Sip.sipsignalinglogclassSip.siplicenselogclass Sip.sipmedialogclass Sip.surroundings Sip.tcptimeoutSip.sttype Sip.stripiceattributes Sip.tlsservercfg Sip.tlssettingsSip.tlscacerts Sip.tlsclientcfg Field Name Field Type Explanation Uriencodingsel Sip.transactionconﬁgSip.trusteddomain Sip.uriencoding Sip.uaregister Sip.usecancelbodyinackSipswitch.accounts Sipswitch.b2buatransferenable Field Name Field Type Explanation User AliasAlias Sipswitch.b2buatransferfromuserSipswitch.dialplan Sipswitch.dialplanenable Field Name Field Type Explanation Enabled Fallbacksel Sipswitch.dialplanmethodsSipswitch.enumroot Sipswitch.forwardto Field Name Field Type Explanation Url SipWildcardUrl Sipswitch.incomingunauthSipswitch.requestfrom Sipswitch.requestto Sipswitch.users Sipswitch.userrouting Voipsm.voipsm Sipswitch.voicemailUserdb.radiuslocalendpoint Userdb.radiusservers Voipsm.voipsmdomains AdminPasswordAdminTypeSel Field Types AuthData AdminUserAliasAlias AliasIpReference AliasUser DnsDynIpNetworkInterface DnsDynIpOtherHost CaReferenceCertReference CryptoDefReference DepUsableVlanInterface DnsDynIpAddress EspCryptoReference FirewallLogclassReference DyndnsPasswordDyndnsServiceSel EnumReference IpsecAuthSel InterfaceSelInviteRetransmitCount IpsRuleName MaxReg IsakmpSALifeLogclassReference MaxMessageSizeInteger OnOffToggleOn NonemptyStringOnOffButton OnOffToggle OptDepOwnIpReference OptDnsAutoRuntimeReachableHost OptDnsIpAddressOptComment OptDSCPInteger OptIpsecPeerReference OptForwardToReferenceOptIcmpRangeList OptIpsecNetReference OptPercentFloat OptPasswordOptServicesReference OptPercent OptTimeclassReference OptionTimeoutOptSipUserDomain OptString Percent PptpPasswordRegTimeout PPTPOwnIpReference SIPRadiusSel SessionTimeoutSipUserDomainDefaultAll SipUserPassword SubGroup SnmpPasswordTimerAFloat SipWildcardUrl Accountvoicemailsel Accounttypesel Bypasstransportsel AddexpireheaderselAutonegsel Blindsel Fentkeepalivesel ConﬁgauthselDpactionsel Fallbacksel Mediaencryptionsuitesel FunctionselFwtypesel Hitsnumber Qostypesel PingpolicyselPolicysel Pqueuesel Rfc2782priority Rfc2782weightRegexpwithAt Restfuncsel Sipsel SipauthdirselSipﬁlteractionsel Sipfunctionsel Sttypesel SnmptrapversionselSnmpv3authsel Snmpv3privacysel Sysloglevelsel TlsclientmethodsTlsservermethods Voipsmmethodsel TlsconfselTrusteddomaintransportsel Uriencodingsel CLI command examples Add and change ﬁrewall rulesWindownumber Apply a conﬁguration Part V. Appendices Page Why use SIP? Appendix A. More About SIPSIP Protocol Managing Your Own SIP Domain SIP and FirewallsConﬁguring the 3Com VCX IP Telecommuting Module Page Conﬁguring the PBX Conﬁguring the DNS ServerConﬁguring the SIP Clients SIP Sessions SIP in 3Com VCX IP Telecommuting ModuleEstablishing a SIP session Contact SIP Packet Headers Route Content-TypeVia Record-Route Appendix A. More About SIP 328 Trafﬁc discarded as spoofed Appendix B. TroubleshootingNetwork troubleshooting No trafﬁc shown in the log SIP Trunking calls via SIP operator SIP troubleshootingSIP users can’t register on the Telecommuting Module SIP users can’t register through the Telecommuting Module Call is established, but there is no voice Administration troubleshooting Destination IP addressport is known bad. Skipping SIP errorsLog Messages SIP send failure -1 on socket -1 event number Stopped SIP TCP server IPsec key negotiationsStarting SIP TCP server at port Starting SIP UDP server at port Conﬁguration server logins Name Port/protocol Description List of the most important reserved ports WWW Cmip Krcmd Kerberos encrypted remote shell -kfall Type Name List of Icmp types Icmp codes Type Name ReferenceIcmp type Name Code Description Unreachable for Type Protocol number Keyword Internet protocols and their numbers IP intervals Set bits Mask IP address class Class IP in- tervals Reserved IP addressesPage ARP Appendix D. Deﬁnitions of terms DMZ 349 Https NAT Nntp 353 PPP SIP Uucp 357 Appendix D. Deﬁnitions of terms 358 Terms Appendix E. License ConditionsSoftware developed by Peter Åstrand BSD derived licenses Software developed by Carnegie Mellon University Software developed by Cisco Systems Software developed by Gregory M Christy Software developed by Digital Equipment Corporation Software developed by Jason Downs Dhcp license Software developed by Brian Gladman Preamble Software developed by Google, IncGNU General Public License GPL Version 2, June GNU General Public License 367 368 No Warranty IBM Public License Software developed in the GIE Dyade cooperation Software developed by Ingate Systems Software developed by Tommi Komulainen USA GNU Library General Public License Lgpl v 374 GNU Library General Public License 376 377 Page 379 380 Version 2.1, February GNU Lesser General Public License Lgpl v 382 GNU Lesser General Public License 384 385 386 Page Glibc Tzdata 2006a 388 Software in the GNU C distribution Appendix E. License Conditions Appendix E. License Conditions 392 More software in the GNU C distribution 394 License exceptions for gcc/libgcc2.c Disclaimer License exceptions for libstdc++License for lilo License Software developed by Paul Mackerras Software developed at M I T Software developed by Pedro Roque Marques Part 1 CMU/UCD copyright notice BSD like License for Net-SNMP Part 4 Sun Microsystems, Inc. copyright notice BSD Part 5 Sparta, Inc copyright notice BSD Part 6 Cisco/BUPTNIC copyright notice BSD License for OpenSSH License for NTP 404 Appendix E. License Conditions 406 407 Snprintf replacement Copyright Patrick Powell 409 License for OpenSSL License for OpenSWAN Release Derived Year Owner GPL- compatible? From Python license Terms and Conditions for Accessing or Otherwise Using Python Beopen Python Open Source License Agreement Version Cnri License Agreement for Python CWI License Agreement for Python 0.9.0 Through License for Python Imaging Library License for Rdisc More software developed by RSA Data Security, Inc Software developed by RSA Data Security, Inc License for SSL Software developed by Sun Microsystems, Inc License for stunnel License for Sun RPC More software developed by Sun Microsystems, Inc Software developed by Trusted Information Systems, Inc License for termcap Software developed by Paul Vixie Software developed by Andrew Tridgell Vovida Software License v Software developed by Rayan S ZachariassenVovida Software License, Version Software developed at University of California License for zlib Openswan-kernel 427 Appendix E. License Conditions Appendix E. License Conditions Readlink Appendix E. License Conditions 430 Appendix F. Obtaining Support for Your 3Com Products Register Your Product to Gain Service BeneﬁtsSolve Problems Online Purchase Extended Warranty Professional Services Asia, Paciﬁc Rim Telephone Technical Support and Repair Access Software DownloadsContact Us Telephone Technical Support and Repair Country Telephone Number Latin America Telephone Technical Support and Repair US and Canada Telephone Technical Support and Repair Index For administration Conﬁguration logins From the Telecommuting Module MIBs