User guide

ManualsBrandsMSI ManualsHome building and DecorSupero CSE-M35S

261

262

263

264

265

266

267

268

269

270

ManageEngine Firewall Analyzer :: User Guide

266

Zoho Corp.

Troubleshooting Tips

For the latest Troubleshooting Tips on Firewall Analyzer, visit the Troubleshooting Tips on

the website or the public user forums.

General [ Show/Hide All ]

1. Where do I find the log files to send to Firewall Analyzer Support?

The log files are located in the <FirewallAnalyzer_Home>/server/default/log

directory. Typically when you run into a problem, you will be asked to send the

serverout.txt file from this directory to Firewall Analyzer Support.

2. Internet Explorer says "Error opening this document. File cannot be found" when

I try to open an exported PDF report.

Internet Explorer throws this error when you try to open an exported PDF report

in the web browser itself. This is a known issue, and we are working on resolving

it. For now, save the report to your local machine, and open it using the regular

PDF software that you use (Adobe Acrobat Reader or xpdf)

3. I am having a Cisco PIX, but I only see Traffic IN and not Traffic OUT?

o You need to configure your Intranets in order to separate inbound and

outbound traffic. The Inbound Outbound Traffic report will show the traffic

details about inbound traffic ( traffic coming into LAN ) and outbound

traffic ( traffic going out of LAN ) of the firewall.When configured, the

Inbound Outbound Traffic Reports shows you which hosts and what

protocol groups have been contributing the most traffic on either side of

the firewall. Please follow the instructions available for Setting Up

Intranets.

o Typical firewall logs are in the following format: 16.1.1.1 www.yahoo.com

10 bytes 1MB (i.e. Source-IP Destination-IP Bytes-Sent Bytes-Received).

But Cisco PIX does not provide a split-up of bytes-sent and bytes-

received, but just provides a cumulative BYTES info. In most of the

cases/protocols, RECEIVED will be more than SENT with respect to the

source who originated the transaction. So we assume BYTES in Cisco PIX

as RECEIVED. And in the case of FTP, Cisco PIX provides another log to

identify the direction of the traffic. In that case, based on FTP put/get, we

will determine whether the traffic is SENT or RECEIVED.

4. I find that Firewall Analyzer keeps crashing or all of a sudden stops collecting

logs. What could be the reason?

The inbuilt MySQL database of Firewall Analyzer could get corrupted if other

processes are accessing these directories. Kindly exclude the Firewall Analyzer

installation directory 'ManageEngine' (it could be in C:\ManageEngine or

D:\ManageEngine) from both the Backup process and Anti-Virus Scans.