Firewall Wizards mailing list archives
RE: Netscreen email logging
From: "Philip J. Koenig" <pjklist () ekahuna com>
Date: Fri, 27 Sep 2002 11:49:38 -0700
On 27 Sep 2002 at 11:03, Eddy Kalem boldly uttered:
Where's the mail host located? Trusted or Untrusted interfaces?
On the 5XP - trusted, on the 25 - untrusted. Right now I'm in testing mode with the 25, I have it in a test network prior to installation in the live network. The only idiosyncracy in the test network is that since I'm using the same routable IPs as the box will use "in real life", they are not routable to the internet (my ISP isn't routing someone else's IPs to me) so I can't send traffic to the "world at large". However I have this running through a Cisco which is connected directly to and has a static route to the subnet which holds the SMTP server. Connectivity to that subnet is fine, I can send traffic both ways normally. (for the moment the SMTP server's subnet thinks the route to the Netscreen's subnet is through my internal Cisco, instead of my external gateway)
Have you checked your logs as to a possible reason why it's not working?
If you're referring to "get log event" or "get log self" or "get alarm event" etc, then yes I've checked those. No indication it either tried or failed to send email logs. (I have no idea if it logs this anyway) I've also looked at the SMTP server logs and there's no indication the Netscreen attempted to open an SMTP handshake with it.
I compared your entries to mine and seems you have the appropriate entries. My mail server is on my Trusted interface. Eddy Kalem
Thanks for your suggestions.. I'm still stumped on this.
-----Original Message----- From: Philip J. Koenig [mailto:pjklist () ekahuna com] Sent: Thursday, September 26, 2002 8:07 PM To: firewall-wizards () nfr com Subject: [fw-wiz] Netscreen email logging I have tried to get email alerts and logs working with 2 different Netscreen boxes (5XP Elite and 25) with no success. Everything else pretty much works as expected except this. I have asked Netscreen support about it more than once and get the equivalent of a shrug from them. Is there some secret to this I'm missing? Here are the relevant entries from the configuration file: set admin mail alert set admin mail traffic-log set admin mail server-name <hostname or IP> set admin mail mail-addr1 <email address> I've finally gotten used to their idiosyncracy of needing a manual route entry for any network that receives or sends to the firewall itself, so this isn't the problem.
-- Philip J. Koenig pjklist () ekahuna com Electric Kahuna Systems -- Computers & Communications for the New Millenium _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Netscreen email logging Philip J. Koenig (Sep 27)
- <Possible follow-ups>
- RE: Netscreen email logging Philip J. Koenig (Sep 27)
- RE: Netscreen email logging Philip J. Koenig (Sep 27)
- RE: Netscreen email logging Bruce Platt (Sep 28)
- RE: Netscreen email logging Clark, Steve (Sep 28)
- RE: Netscreen email logging Philip J. Koenig (Sep 28)
- RE: Netscreen email logging Bruce Platt (Sep 28)