Protocol Inspection
— reports from individual Kerio Control's protocol inspectors (sorted by protocol),
Kerio VPN
— detailed information on traffic within Kerio VPN — VPN tunnels, VPN clients, encryptions, exchange
of routing information, etc.
IPsec
— detailed information about IPsec traffic:
Select
General
for general information about IPsec tunnel.
Select
Charon output
for solving problems with ciphers (the same cipher must be used on both end-
points).
Select
L2TPD output
/
PPPD output
for solving problems with L2TP/PPP tunnels.
www.gfi.com
3 Using
|
139
3.8.5 Using the Dial log
Logs keep information records of selected events occurred in or detected by Kerio Control. For more information about
configuring and using logs, see article
Configuring and using logs in Kerio Control
.
The Dial log displays data about dialing and hanging up the dial-up lines, and about time spent on-line.
Reading the Dial log
1.
Manual connection (from Kerio Control administration or Kerio Control client interface)
[31/Jul/2013 11:41:48] Line "Connection" dialing manually from IP
10.10.10.60, user admin.
[31/Jul/2013 11:42:04] Line "Connection" connected
The first log item is reported upon initialization of dialing. The log provides information about line name, IP address and
username.
Another event is logged upon a successful connection (i.e. when the line is dialed, upon authentication on a remote
server, etc.).
2.
Automatic connections. Automatic dialing due to time range is logged as:
[10/Jul/2013 14:19:22] Line "Kerio PPPoE" dialing due to configured
connect time.
Automatic dialing due to configured connectivity options (e.g. Link Load Balancing) is logged as:
[10/Jul/2013 14:34:44] Line "Kerio PPPoE" dialing, required by internet
connectivity.
3.
Line disconnection (manual or automatic, performed after a certain period of idleness)
15/Mar/2013 15:29:18] Line "Connection" hanging up, manually from IP
10.10.10.60, user Admin.
[15/Mar/2013 15:29:20] Line "Connection" disconnected, connection time
00:15:53, 1142391 bytes received, 250404 bytes transmitted
The first log item is recorded upon reception of a hang-up request. The log provides information about interface name,
client type, IP address and username.
The second event is logged upon a successful hang-up. The log provides information about interface name, time of
connection (
connection time
), volume of incoming and outgoing data in bytes (
bytes received
and
bytes transmitted
).
4.
Disconnection caused by an error (connection is dropped)
[15/Mar/2013 15:42:51] Line "Connection" dropped, connection time
00:17:07, 1519 bytes received, 2504 bytes transmitted
The items are the same as in the previous case (the second item — the
disconnected
report).
5.
Dial of the link on respond to a packet from local network
[15/Mar/2013 15:53:42] Packet TCP 192.168.1.3:8580 > 212.20.100.40:80
initiated dialing of line "Connection"
[15/Mar/2013 15:53:53] Line "Connection" successfully connected
The log provides:
www.gfi.com
3 Using
|
140
description of the packet (protocol, source IP address, destination port, destination IP address, destination
port),
name of the line to be dialed.
Another event is logged upon a successful connection (i.e. when the line is dialed, upon authentication on a remote
server, etc.).
Do'stlaringiz bilan baham: |