Troubleshooting guide

Appendix A: State Tables for VPN-1/FireWall-1 4.0 Security Server and Authentication tables
Advanced Technical Reference Guide 4.1 June 2000 164
The proxied_conns table uses the following format.
For the first half of the entry (line 1 above):
<source IP address, source port, destination IP address, destination port, IP protocol; service indicator, 0,0>
The destination IP address is the interface of the FireWall machine that is closest to the source IP address. The
service indicator holds the following: three zeros, 4 hex digits for the original destination port, and a last digit
(“action”), which may have the following bits set:
Bit (counting from the right)   Description
1                               Encryption (1=connection should be encrypted)
2                               Accounting (1=connection should be tracked for accounting)
3                               Inside connection (1=connection from the FireWall to itself)
For the second half of the entry (line 2 above):
<0, source port of the final connection, final destination IP address, service port, IP protocol; service indicator,
source IP address, source port>
Service indicator (see explanation above)
Source IP (so the entry can be associated with the first one)
Source port (so the entry can be associated with the first one)
autoclntauth_fold table
The autoclntauth_fold table includes information regarding client authentication connections that should be
folded. The keys in the table are the source IP address and the service.
Example
attributes: expires 60
<c0a80c0e, 00000050; 38/60>
The autoclntauth_fold table uses the following format:
<source IP address, destination port; time left/total time>
session_auth table
All connections that were authenticated by session authentication are stored in the session_auth table.
Example
attributes: expires 60
<00000001, c0a83005, 00000453, c7cb477d, 00000017, 00000006; 30/60>
<ffffffff, c0a83005, 00000453, c7cb477d, 00000017, 00000006; 30/60>
<fffffffe, c0a83005, 00000453, c7cb477d, 00000017, 00000006; 30/60>
The session_auth table uses the following formats.
For the first part of the entry (line 1 above):
<rule number, source IP address, source port, destination IP address, destination port, IP protocol; time
left/total time>
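
The hex fields in the entries above can be decoded mechanically. The following Python is an added example, not part of the original guide or of the product's tooling; its function names are hypothetical, and it assumes every field is a 32-bit value printed in hexadecimal, as in the sample entries. It covers the autoclntauth_fold entry, the first part of a session_auth entry, and the proxied_conns service indicator (the service indicator value used is constructed).

```python
import ipaddress

# Action bits of the proxied_conns service indicator (bit 1 = rightmost).
ACTION_BITS = {0x1: "encryption", 0x2: "accounting", 0x4: "inside connection"}

def split_entry(line):
    """Split '<k1, k2, ...; left/total>' into hex fields and the timer."""
    body = line.strip().lstrip("<").rstrip(">")
    fields, _, timer = body.partition(";")
    left, total = (int(x) for x in timer.strip().split("/"))
    return [f.strip() for f in fields.split(",")], (left, total)

def hex_ip(field):
    """8 hex digits -> dotted-quad IPv4 address."""
    return str(ipaddress.IPv4Address(int(field, 16)))

def decode_service_indicator(field):
    """Three zeros, 4 hex digits of original destination port, 1 action digit."""
    if len(field) != 8 or not field.startswith("000"):
        raise ValueError(f"unexpected service indicator: {field!r}")
    action = int(field[7], 16)
    flags = [name for bit, name in ACTION_BITS.items() if action & bit]
    return {"orig_dport": int(field[3:7], 16), "flags": flags}

def decode_autoclntauth_fold(line):
    """<source IP address, destination port; time left/total time>"""
    (src, dport), (left, total) = split_entry(line)
    return {"src": hex_ip(src), "dport": int(dport, 16), "left": left, "total": total}

def decode_session_auth_first(line):
    """<rule, src IP, src port, dst IP, dst port, IP protocol; left/total>"""
    fields, (left, total) = split_entry(line)
    if len(fields) != 6:
        raise ValueError(f"expected 6 fields, got {len(fields)}")
    rule, src, sport, dst, dport, proto = fields
    return {"rule": int(rule, 16), "src": hex_ip(src), "sport": int(sport, 16),
            "dst": hex_ip(dst), "dport": int(dport, 16), "proto": int(proto, 16),
            "left": left, "total": total}

if __name__ == "__main__":
    # Entries copied from the examples on this page.
    print(decode_autoclntauth_fold("<c0a80c0e, 00000050; 38/60>"))
    print(decode_session_auth_first(
        "<00000001, c0a83005, 00000453, c7cb477d, 00000017, 00000006; 30/60>"))
    # Constructed service indicator: port 0x0017 with the accounting bit set.
    print(decode_service_indicator("00000172"))
```
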
For the second part of the entry (line 2 above):