User guide

ManageEngine Firewall Analyzer :: User Guide
Zoho Corp.
sa_spi= 0x94e99fdc(2498338780), sa_trans= esp-3des esp-md5-hmac , sa_conn_id= 45
Cisco ASA:
<166>:Apr 10 15:26:51 CDT: %PIX-vpn-6-602303: IPSEC: An inbound remote access SA (SPI= 0x2C4009CD) between xxx.xxx.xxx.xxx and xxx.xxx.xxx.xxx (user= ARNOLD) has been created
<166>:Apr 10 22:13:21 CDT: %PIX-vpn-6-602304: IPSEC: An inbound remote access SA (SPI= 0xA57F6150) between xxx.xxx.xxx.xxx and xxx.xxx.xxx.xxx (user= ARNOLD) has been deleted
<164>:Apr 10 20:13:23 CDT: %PIX-auth-4-113019: Group = TUMBUVPN, Username = ARNOLD, IP = xxx.xxx.xxx.xxx, Session disconnected. Session Type: IPSecOverUDP?, Duration: 4h:46m:39s, Bytes xmt: 1270639, Bytes rcv: 4292608, Reason: User Requested
o PPTP:
Firewall Analyzer supports PPTP VPN between a Cisco firewall and a user's
PC. The following sample logs are generated:
<133>Oct 20 2005 20:57:10: %PIX-6-603108: Built PPTP Tunnel at inside,tunnel-id = 25, remote-peer =xxx.xxx.xxx.xxx, virtual-interface = 1,client-dynamic-ip = xxx.xxx.xxx.xxx, username = king,MPPE-key-strength = number
<134>Oct 20 2005 20:58:01: %PIX-6-603109: Teardown PPPOE Tunnel at interface_name, tunnel-id = 25,remote-peer = xxx.xxx.xxx.xxx
<134>Oct 20 2005 20:53:21: %PIX-6-603104: PPTP Tunnel created, tunnel_id is 26, remote_peer_ip is xxx.xxx.xxx.xxx, ppp_virtual_interface_id is 2,client_dynamic_ip is xxx.xxx.xxx.xxx, username is king, MPPE_key_strength is None
<134>Oct 20 2005 20:58:01: %PIX-6-603105: PPTP Tunnel deleted, tunnel_id = 26, remote_peer_ip = xxx.xxx.xxx.xxx
2. Site-To-Site VPN:
This VPN connection is established between one firewall and another. In
most cases, the connection will have been established before Firewall
Analyzer was installed. Also, Cisco firewalls give no hint in the logs
about the traffic going through this Site-To-Site VPN tunnel. In the
Firewall Analyzer VPN Reports, there is no support for this type of VPN
connection. However, in the Traffic Reports, you can filter the report using
the IP addresses assigned to the VPN connections to get the VPN traffic reports.
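
The following Python code is an added example, not part of this guide or of Firewall Analyzer: it parses the remote-access VPN sample log formats shown above (IPSec SA created/deleted, session disconnect, PPTP tunnel setup/teardown) and reports sessions that were created but never torn down. The function names, field names and the documentation-range IP addresses in the sample lines are assumptions made for illustration.

```python
import re
# Constructed sample lines in the formats shown above; the masked addresses
# are replaced with documentation-range IPs (assumption).
SAMPLE = [
    "<166>:Apr 10 15:26:51 CDT: %PIX-vpn-6-602303: IPSEC: An inbound remote access SA (SPI= 0x2C4009CD) between 198.51.100.7 and 192.0.2.1 (user= ARNOLD) has been created",
    "<164>:Apr 10 20:13:23 CDT: %PIX-auth-4-113019: Group = TUMBUVPN, Username = ARNOLD, IP = 198.51.100.7, Session disconnected. Session Type: IPSecOverUDP, Duration: 4h:46m:39s, Bytes xmt: 1270639, Bytes rcv: 4292608, Reason: User Requested",
    "<133>Oct 20 2005 20:57:10: %PIX-6-603108: Built PPTP Tunnel at inside,tunnel-id = 25, remote-peer =198.51.100.9, virtual-interface = 1,client-dynamic-ip = 10.0.0.5, username = king,MPPE-key-strength = number",
    "<134>Oct 20 2005 20:58:01: %PIX-6-603109: Teardown PPPOE Tunnel at interface_name, tunnel-id = 25,remote-peer = 198.51.100.9",
    "<134>Oct 20 2005 20:53:21: %PIX-6-603104: PPTP Tunnel created, tunnel_id is 26, remote_peer_ip is 198.51.100.9, ppp_virtual_interface_id is 2,client_dynamic_ip is 10.0.0.6, username is king, MPPE_key_strength is None",
    "<134>Oct 20 2005 20:58:01: %PIX-6-603105: PPTP Tunnel deleted, tunnel_id = 26, remote_peer_ip = 198.51.100.9",
]
# The facility keyword ("vpn-", "auth-") is optional in the samples.
HEADER = re.compile(r"%(?:PIX|ASA)-(?:[a-z]+-)?(\d)-(\d{6}): (.*)")
SEP = r"\s*(?:=|is)\s*"  # the samples use both "key = value" and "key is value"
FIELDS = {
    "spi": re.compile(r"SPI= (0x[0-9A-Fa-f]+)"),
    "tunnel": re.compile(r"tunnel[-_]id" + SEP + r"(\d+)"),
    "user": re.compile(r"user(?:name)?" + SEP + r"(\w+)", re.I),
    "bytes_xmt": re.compile(r"Bytes xmt: (\d+)"),
    "bytes_rcv": re.compile(r"Bytes rcv: (\d+)"),
}
DURATION = re.compile(r"Duration: (\d+)h:(\d+)m:(\d+)s")
OPEN_IDS = {"602303", "603108", "603104"}   # SA created / tunnel built
CLOSE_IDS = {"602304", "603109", "603105"}  # SA deleted / tunnel torn down

def parse(line):
    """Return a dict for one syslog line, or None if it is not a PIX/ASA message."""
    m = HEADER.search(line)
    if not m:
        return None
    sev, msg_id, body = m.groups()
    ev = {"id": msg_id, "severity": int(sev)}
    for name, rx in FIELDS.items():
        if hit := rx.search(body):
            ev[name] = hit.group(1)
    if d := DURATION.search(body):
        h, mins, s = map(int, d.groups())
        ev["duration_s"] = h * 3600 + mins * 60 + s
    return ev

def open_sessions(lines):
    """Map (kind, key) -> user for sessions created but not yet torn down."""
    live = {}
    for ev in filter(None, map(parse, lines)):
        key = ("spi", ev["spi"]) if "spi" in ev else ("tunnel", ev.get("tunnel"))
        if ev["id"] in OPEN_IDS:
            live[key] = ev.get("user")
        elif ev["id"] in CLOSE_IDS:
            live.pop(key, None)  # a teardown without a seen setup is ignored
    return live
```

On the constructed sample, `open_sessions(SAMPLE)` leaves only the IPSec SA with SPI 0x2C4009CD, because no matching 602304 line for that SPI appears.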