Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1131113211331134113511361137113811391140
10-35
Troubleshooting
Troubleshooting the TMS zl Module in Routing Mode
Interpreting Log Messages
As you view log messages, you must learn to identify which ones are related
to the firewall and which are related to IPS. Log messages related to the
firewall begin with fw, such as fw_access_control or fw_l2l3_attack. For
example, Figure 10-7 on page 10-33 shows log messages that include
fw_1213_attack.
Log messages related to IPS begin with ips, such as ips_attack_family or
ips_protocol_anomaly_family.
Troubleshooting Problems with Logs
This section describes how to troubleshoot problems with sending:
Log messages to a syslog server
Log messages to an email server
SNMP traps to an SNMP trap receiver
Syslog Server. If you configure the TMS zl Module to send messages to a
syslog server but it does not receive any logs, check the following:
1. Verify that the syslog settings are correct by completing one of the
following:
From the Web browser interface, click System > Logging > Syslog
Forwarding.
From the CLI, enter:
hostswitch(tms-module-C)# show logging syslog
2. Ensure that the appropriate Self access policy is added to allow the TMS
zl Module’s syslog client to contact the syslog server.
From the Web browser interface, click Firewall > Access Policies >
Unicast.
From the CLI, enter:
hostswitch(tms-module-C)# show access-policy