F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices System Management and Maintenance Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

100

Item Descri

tion

Source IP Address of

Packets

Set the source IP address of user logging packets.

After you specify the source IP address, when Device A sends user logs to Device B,

it uses the specified IP address instead of the actual egress address as the source IP

address of the packets. In this way, although Device A sends out packets to Device

B through different ports, Device B can judge whether the packets are sent from

Device A according to their source IP addresses. This function also simplifies ACL

and security policy configurations. If you specify the same source address as the

source or destination address in the rule command in ACL, the IP address variance

and the influence of interface status can be masked to filter user logging packets.

HP recommends you to use the IP address of the loopback interface as the source IP

address of user logging packets.

Log Host

Configura

tion

Log Host 1

Set the IPv4/IPv6 addresses, port number, and the VPN instance (this option is

available only when you specify a log host with an IPv4 address) of the userlog log

host to encapsulate user logs in UDP packets and send them to the specified userlog

log host. The log host can analyze and display the user logs to remotely monitor the

device.

You can specify up to two different userlog log hosts.

IMPORTANT:

• To avoid collision with the common UDP port numbers, use a UDP port

number in the range 1025 to 65535.

• Support for the IPv6 log host depends on the device model. For more

information, see

Network Management Configuration Guide

Log Host 2

Output userlog to the

information center

Set to output user logs to the information center in the format of system information.

IMPORTANT:

• With this function enabled, user logs will not be output to the specified userlog

log host.

• Outputting user logs to the information center occupies the storage space of the

device. Output user logs to the information center when there are a small amount

of user logs.

212BDisplaying user logging statistics

If you select to send user logs in UDP packets to the specified userlog log host, you can view the related

statistics, including the total number of user logs sent to the log host, the total number of UDP packets, and

the total number of user logs stored on the device cache.

1. Select Log Report > Userlog from the navigation tree to enter the page as shown in 798HFigure 32.

2. Click the Statistics expansion button on the page to view the user logging statistics as shown

799HFigure 33.