HP VPN Firewall Appliances System Management and Maintenance Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

101

102

103

104

105

106

107

108

109

110

Item Descri

tion

Source IP Address of

Packets

Set the source IP address of user logging packets.

After you specify the source IP address, when Device A sends user logs to Device

B, it uses the specified IP address instead of the actual egress address as the

source IP address of the packets. In this way, although Device A sends out packets

to Device B through different ports, Device B can judge whether the packets are

sent from Device A according to their source IP addresses. This function also

simplifies ACL and security policy configurations. If you specify the same source

address as the source or destination address in the rule command in ACL, the IP

address variance and the influence of interface status can be masked to filter user

logging packets.

HP recommends using the IP address of the loopback interface as the source IP

address of user logging packets.

Log Host

Configuration

Log Host

Set the IPv4/IPv6 addresses, port number, and the VPN instance (this option is

available only when you specify a log host with an IPv4 address) of the userlog

log host to encapsulate user logs in UDP packets and send them to the specified

userlog log host. The log host can analyze and display the user logs to remotely

monitor the device.

You can specify up to two different userlog log hosts.

IMPORTANT:

To avoid collision with the common UDP port numbers, use a UDP port number in

the range 1025 to 65535.

Log Host

Output userlog to the

information center

Set to output user logs to the information center in the format of system

information.

IMPORTANT:

• With this function enabled, user logs will not be output to the specified userlog

log host.

• Outputting user logs to the information center occupies the storage space of

the device. Output user logs to the information center when there are a small

amount of user logs.

Displaying user logging statistics

If you select to send user logs in UDP packets to the specified userlog log host, you can view the related

statistics, including the total number of user logs sent to the log host, the total number of UDP packets, and

the total number of user logs stored on the device cache.

1. Select Log Report > Userlog from the navigation tree to enter the page as shown in Figure 33.

2. Click the Statisti

cs expansion button on the page to view the user logging statistics as shown

in Figure 34.