Manuals / Brands / Computer Equipment / Network Card / Multi-Tech Systems / Computer Equipment / Network Card

Multi-Tech Systems RF600, RF660, RF760 Packet Filters > Enable/Disable Log

1 189

Download 189 pages, 2.58 Mb

Chapter 6 – RouteFinder Software

Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 105

Packet Filters > Enable/Disable Log

Packet Filters > Enable/Disable Log

On this screen you can enable/disable RouteFinder firewall logging.

Enable/Disable Logging

Permitted Inbound Access Logs

Check this box to enable the logging of all permitted inbound access requests from public (WAN) network

clients that use a service hosted on the RouteFinder itself or on a private (LAN) or service (DMZ)

server/host.

Permitted Outbound Access Logs

Check this box to enable the logging of all permitted outbound access requests from private (LAN) and

service (DMZ) network clients that use a service on a public (WAN) network server/host.

All Access Requests Traversing Firewall Violating Security Policy

Check this box to enable the logging of all access requests from private (LAN), service (DMZ), and public

(WAN) network clients to traverse the RouteFinder that violate the configured security policy.

All Access Requests to Firewall Violating Security Policy

Check this box to enable the logging of all access requests from private (LAN), service (DMZ), and public

(WAN) network clients to send traffic to the RouteFinder itself, that violate the configured security policy.

Log Access to Admin Port

Check this box to enable the logging of all access requests from private (LAN), service (DMZ), and public

(WAN) network clients to send traffic to the RouteFinder itself on the administrative access port.

Contents

Main RF760/660/600VPN Internet Security Appliance User Guide User Guide Record of Revisions Patents Trademarks Technical Support Contents Page Page Page Chapter 1 Product Description, Features, and Overview Product Description Features Feature Highlights Ship Kit Contents Software Recovery CD Warning License Keys System License Key What to Do if a Trial License Key Expires URL Categorization License Key AntiVirus License Key Safety Warnings Lithium Battery Caution Ethernet Ports Caution Software Recovery CD Warning Telecom Warnings for Modem RouteFinder Front Panels RF760/660VPN Front Panel When 10, the LED is Off. When 100, the LED is Green. When 1G, the LED is Orange. RF600VPN General LED Descriptions LAN, WAN, DMZ LED Descriptions RouteFinder Back Panels RF760VPN Back Panel RF660VPN Back Panel RF600VPN Back Panel Specifications Appliance Features RF760VPN RF660VPN RF600VPN VPN Features RF760VPN RF660VPN RF600VPN Firewall Features RF760VPN RF660VPN RF600VPN Management Features RF760VPN RF660VPN RF600VPN Power & Physical Description RF760VPN RF660VPN RF600VPN Overview of RouteFinder VPN Technology Networks The Firewall Network Components That Work with the Firewall Network Layer Firewalls: Packet Filter Application Layer Gateways: Proxies Protection Mechanisms Page Typical Applications Chapter 2 Installation Pre-Installation Planning Planning and Establishing the Corporate Security Policy Contents of a Corporate Internet Security Policy Planning the Network System Administrator Required Planning Installation Overview Hardware Installation Procedure Cabling Overview Setting up a Workstation and Starting the RouteFinder VPN Connections Power Up Open a Web Browser Login Web Management Software Opens Navigating Through the Screens The Web Management Screen RouteFinder Menu Bar Menu Selections Screen Buttons Chapter 2 Installation Sub-Menu Menus and Sub-Menus Chapter 3 Configuration Initial Configuration Step Set Up Your Time Zone Second Configuration Step The Wizard Setup Screen Your Basic Configuration Is Now Complete Chapter 4 Configuration Examples Example 1 LAN-to-LAN VPN (Branch Office) Setup Networks & Services Set Packet Filters Set VPN IPSec Protocol Configuring Site B Example 2 Remote Client-to-LAN VPN Configuration Page Page Chapter 5 URL Categorization Important Settings Setting Up HTTP Proxy and URL Filtering Page How to Test Web Sites for Blocking How to Test the Filtering Establishing Filtering Rules for Networks and Hosts Submitting a Site to SurfControl for Reconsideration Chapter 6 RouteFinder Software Menu Bar Important Note About Logout Logout Closes the Software Program and Saves Settings Administration Administration > System Setup Email Notification Configure Email Notifications the RouteFinder VPN Will Send SNMP Agent Community Name System Logging System Time Backward time adjustment (summer to wintertime) Administration > SSH What Is SSH Prerequisites Status and SSH Port Allowed Networks Administration > SNTP Client Administration > Administrative Access Administrative Access - Available Networks and Allowed Network Change Password Time Before Automatic Disconnect Administrative Access HTTPS Port Administrative Access HTTP Port Logo and Version on Logon Page Administration > Site Certificate Enter the Certificate Information Click Save Administration > License Key Administration > Intrusion Detection Intrusion Detection Network Intrusion Detection User-Defined Network Intrusion Detection Rules Administration > Tools PING Trace Route TCP Connect Administration > System Scheduler Administration > Factory Defaults Administration > User Authentication > Local Users Prerequisite User Definition Administration > User Authentication > RADIUS & SAM RADIUS Prerequisite RADIUS Settings SAM Prerequisite SAM SAM Settings Administration > Restart Administration > Shutdown Networks & Services Networks & Services > Networks Add Network How to Confirm Your Entries Entries on This Screen Affect Other Screens Networks & Services > Services Add Services Editing and Deleting User-Added Services Notes About Protocols Entries on This Screen Affect Other Screens Networks & Services > Network Groups Rules and Suggestions for Establishing a Network Group About the Screen Add Network Group Select Group [Group Names Entered Above Now Display Here] Networks & Services > Service Groups Rules and Suggestions for Establishing Service Groups About the Screen Add Service Group Select Group [Group Names Entered Above Now Display Here] Proxy General Information About Proxies Proxy Services and Authentication Methods To Switch Off Proxy Using Netscape Navigator To Switch Off Proxy Using Microsoft Internet Explorer Proxy > HTTP Proxy HTTP Proxy Section URL Categorization Section of the Main Proxy HTTP Screen User Authentication Section of the Main Proxy HTTP Screen Proxy > HTTP Proxy > Custom Filters Default Action for Custom URL Lists Add Custom URL List Page Proxy > SMTP Proxy Rules and Suggestions for Using SMTP Proxy SMTP Proxy Page Page Proxy > SMTP Proxy > SMTP SPAM Filtering Page Page Proxy > POP3 Proxy POP3 Virus Protection Remote POP3 Virus Protection Proxy > POP3 Proxy > POP3 SPAM Filtering POP3 SPAM Protection POP3 SPAM Filtering Page Proxy > SOCKS Proxy SOCKS Proxy Page Proxy > DNS Proxy DNS Proxy Network Setup About Interfaces About the Interfaces Screen Network Setup > Interface Local Host Domain Name Server WINS Server Network Cards IP Aliases Network Setup > PPP PPP Settings Change Your Country/Region Code Network Setup > PPPoE PPPoE on WAN Network Setup > DHCP Client Network Setup > Dynamic DNS Dynamic DNS Settings Network Setup > Routes Add Routes - Interface Route Network Setup > Masquerading Masquerading Network Setup > SNAT Important Add SNAT Definition Network Setup > DNAT Add DNAT Definition DNAT Example Examples of DNAT Network Combinations DHCP Server DHCP Server > Subnet Settings DHCP Server on LAN DHCP Server > Fixed Addresses DHCP Server Fixed Addresses Tracking Tracking > Accounting Accounting Device IP-Based Accounting VPN Accounting Tracking > Update Services System Update Server Virus Update Server Page Tracking > Backup Backup Status Tracking > Version Control CVS Settings Examples 1. Make sure the lines cvspserver 2401/tcp and cvspserver 2401/udp are present in: Packet Filters Packet Filters > Packet Filter Rules Prerequisites Show Packet Filter Rules in Popup Window System Defined Rules Add User Defined Packet Filter Rules Packet Filters > ICMP ICMP Forwarding ICMP on Firewall Packet Filters > Advanced Packet Filters > Enable/Disable Log Enable/Disable Logging VPN (Virtual Private Networks) VPN > IPSec Introduction to Virtual Private Networks The VPN Main Screen VPN IPSec Settings Add an IKE Connection Page Add a Manual Connection Page VPN > x.509 Certificates Certificate of Authority Generation Certificate Generation VPN > IPSec Bridging VPN > PPTP If you are using Windows or 98, you may also have to update Microsoft RAS update. About Setting Up PPTP Users PPTP Settings User Authentication Wizard Setup Wizard Setup Screen General Settings LAN Settings WAN Settings Page Statistics & Logs Statistics & Logs Uptime Statistics and Logs > Hardware What the Graphs Show Statistics and Logs Networks Network Interface Cards Routing Table Network Connections Interfaces SMTP Proxy Accounting Interface Based Accounting IP Based Accounting VPN Based Accounting Self Monitor Example of a Self Monitor Live Log Report IPSec IPSec Live Log IPSec Live Connections PPTP PPTP Live Log Packet Filter Show Logs View All Logs Backup Logs > Port Scans > V Intrusion Detection Live Log Portscan Live Log iew Logs HTTP Access DHCP Example of a DHCP Log Page Chapter 7 User Authentication Methods Proxy Services and Authentication Methods NT SAM (SMB) User Authentication Local" RouteFinder User Authentication Which Method Should You Choose? Authentication Setup Setting Up RADIUS Authentication Setting Up A Microsoft IAS RADIUS Server Setting Up NT/2000 SAM (SMB) Authentication Chapter 8 Frequently Asked Questions (FAQs) Page Page Page Page Page Chapter 9 Troubleshooting Page Appendix A Disposition of Events for the RouteFinder v3.2x 1. Abstract Disposition of Events Access Request Inbound Access Request Outbound Access Request II. Inbound Access Log Inbound Access (DNAT with Connection Tracking) III. Outbound Access Log IV. Access Requests through Firewall Dropped V. Access Requests to Firewall Dropped Page Page Appendix B The RouteFinder Rescue Kernel What Is a Rescue Kernel? Before You Start ISO Image Directions Links You Will Need During the Install Process Method 1 How to Perform the Install Using No External Server Assumptions: Method 2 How to Perform the Install Using an External FTP Server Assumptions: Page Board Components PC Board Component Descriptions Hardware Upgrades and Add-ons Top Cover Removal RF660VPN Processor Upgrade Memory Upgrade Hard Disk Drive Upgrade CD-ROM Drive Add-on Keyboard Connection Monitor Connection Software Add-ons SSH Sentinel IPSec VPN Client Software Email Anti-Virus Code Overnight Replacement Service Appendix D CD-ROM Drive Adapter and Pin Out CD-ROM Drive Adapter Dimensions CD-ROM Drive Adapter Pin Out Appendix E RouteFinder Maintenance Housekeeping Monitoring Updating Appendix F Ordering Accessories SupplyNet Online Ordering Instructions Appendix G Technical Support Technical Support Contacts Recording RouteFinder Information Appendix H - Multi-Tech Systems, Inc. Warranty and Repairs Policies Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 162 Appendix H Multi-Tech Systems, Inc. Warranty and Repairs Policies Multi-Tech Warranty Statement Repair Procedures for U.S. and Canadian Customers Repair Procedures for International Customers Appendix H - Multi-Tech Systems, Inc. Warranty and Repairs Policies Repair Procedures for International Distributors Appendix I Regulatory Compliance Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 164 Appendix I Regulatory Compliance EMC, Safety, and R&TTR Directive Compliance FCC Part 15 Regulation for the Modem Operation FCC Part 68 Telecom for the Modem Operation Appendix I Regulatory Compliance Industry Canada for the Modem Operation Canadian Limitations Notice for the Modem Operation Appendix J License Agreements Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 166 Appendix J License Agreements Multi-Tech Systems, Inc. End User License Agreement (EULA) IMPORTANT - READ BEFORE OPENING THE SOFTWARE PACKAGE Multi-Tech Software License Agreement Appendix J License Agreements Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 167 Multi-User Limited Warranty and License Agreement Appendix J License Agreements Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 168 GNU GENERAL PUBLIC LICENSE Preamble Page Appendix J License Agreements Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 170 SurfControl URL Filtering End-User Terms 1. DEFINITIONS 2. GRANT OF LICENSE 3. OWNERSHIP 4. COPY RESTRICTION Appendix J License Agreements Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 171 6. TRANSFER RESTRICTIONS 7. TERMINATION 8. MAINTENANCE AND UPGRADE POLICY Appendix J License Agreements Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D) 172 12. U.S. GOVERNMENT RESTRICTED RIGHTS 13. INDEMNITY 14. IMPORT/EXPORT Kaspersky Standard End User License Agreement. Standard End User License Agreement Support Limited Warranty Limitation of Liability Appendix K Waste Electrical and Electronic Equipment Directive (WEEE) Waste Electrical and Electronic Equipment (WEEE) Directive Instructions for Disposal of WEEE by Users in the European Union Glossary Page Page Page Page Page Page Page Page Page Index 3 A B C F G K H I O P R S T U V W X