RE: [fw-wiz] Netscreen email logging
From: Philip J. Koenig (pjklist@ekahuna.com)
Date: 09/27/02
- Next message: Bruce Platt: "RE: [fw-wiz] Netscreen email logging"
- Previous message: Philip J. Koenig: "RE: [fw-wiz] Netscreen email logging"
- Maybe in reply to: Philip J. Koenig: "[fw-wiz] Netscreen email logging"
- Next in thread: Bruce Platt: "RE: [fw-wiz] Netscreen email logging"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Philip J. Koenig" <pjklist@ekahuna.com> To: Eddy Kalem <ekalem@testmart.com> Date: Fri Sep 27 20:18:16 2002
On 27 Sep 2002 at 11:03, Eddy Kalem boldly uttered:
> Where's the mail host located? Trusted or Untrusted interfaces?
On the 5XP - trusted, on the 25 - untrusted. Right now I'm in
testing mode with the 25, I have it in a test network prior to
installation in the live network.
The only idiosyncracy in the test network is that since I'm using the
same routable IPs as the box will use "in real life", they are not
routable to the internet (my ISP isn't routing someone else's IPs to
me) so I can't send traffic to the "world at large". However I have
this running through a Cisco which is connected directly to and has a
static route to the subnet which holds the SMTP server. Connectivity
to that subnet is fine, I can send traffic both ways normally. (for
the moment the SMTP server's subnet thinks the route to the
Netscreen's subnet is through my internal Cisco, instead of my
external gateway)
> Have you checked your logs as to a possible reason why it's not working?
If you're referring to "get log event" or "get log self" or "get
alarm event" etc, then yes I've checked those. No indication it
either tried or failed to send email logs. (I have no idea if it logs
this anyway)
I've also looked at the SMTP server logs and there's no indication
the Netscreen attempted to open an SMTP handshake with it.
> I compared your entries to mine and seems you have the appropriate entries.
> My mail server is on my Trusted interface.
>
> Eddy Kalem
Thanks for your suggestions.. I'm still stumped on this.
> -----Original Message-----
> From: Philip J. Koenig [mailto:pjklist@ekahuna.com]
> Sent: Thursday, September 26, 2002 8:07 PM
> To: firewall-wizards@nfr.com
> Subject: [fw-wiz] Netscreen email logging
>
>
> I have tried to get email alerts and logs working with 2 different
> Netscreen boxes (5XP Elite and 25) with no success. Everything else
> pretty much works as expected except this. I have asked Netscreen
> support about it more than once and get the equivalent of a shrug
> from them.
>
> Is there some secret to this I'm missing? Here are the relevant
> entries from the configuration file:
>
> set admin mail alert
> set admin mail traffic-log
> set admin mail server-name <hostname or IP>
> set admin mail mail-addr1 <email address>
>
>
> I've finally gotten used to their idiosyncracy of needing a manual
> route entry for any network that receives or sends to the firewall
> itself, so this isn't the problem.
-- Philip J. Koenig pjklist@ekahuna.com Electric Kahuna Systems -- Computers & Communications for the New Millenium
- Next message: Bruce Platt: "RE: [fw-wiz] Netscreen email logging"
- Previous message: Philip J. Koenig: "RE: [fw-wiz] Netscreen email logging"
- Maybe in reply to: Philip J. Koenig: "[fw-wiz] Netscreen email logging"
- Next in thread: Bruce Platt: "RE: [fw-wiz] Netscreen email logging"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
