• 所有问题

    • 如何在Juniper防火墙上查看VPN日志

    如题所述

    举报该问题
    其他回答
    第1个回答  推荐于2016-07-14
    以远程拨号(xauth)为例:
    netscreen_isg1000-> get event include 120.31.240.98
    Date Time Module Level Type Description
    2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID
    <6c0f2afe>: Completed negotiations
    with SPI <3eab9265>, tunnel ID< 45468>,
    and lifetime <3600> seconds/<0> KB.
    2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID
    < 6c0f2afe>: Responded to the peer's
    first message.
    2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98>: XAuth login was
    passed for gateway< Test_Gateway>,
    username <xauthtest>, retry: 0, Client
    IP Addr<11.2.2.70>, IPPool name:
    < VPN_TEST_POOL>, Session-Timeout:<0s>,
    Idle-Timeout:<0s>.
    2008-09-14 10:57:12 system info 00536 IKE<120.31.240.98>: XAuth login was
    refreshed for username <xauthtest> at
    < 11.2.2.70/255.255.255.255>.
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial
    contact notification and removed Phase
    1 SAs.
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed
    Aggressive mode negotiations with a
    < 28800>-second lifetime.
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed
    for user <xauthtest>.
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial
    contact notification and removed Phase
    2 SAs.
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a
    notification message for DOI< 1>
    < 24578>< INITIAL-CONTACT>.
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a
    notification message for DOI< 1>
    < 24577>< REPLAY-STATUS>.
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: IKE
    responder has detected NAT in front of
    the remote device.
    2008-09-14 10:57:08 system info 00536 IKE<120.31.240.98> Phase 1: Responder
    starts AGGRESSIVE mode negotiations.
    Total entries matched = 12
    而不要使用以下命令:
    netscreen_isg1000-> get event | in 120.31.240.98
    2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID
    2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID
    2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98>: XAuth login was
    2008-09-14 10:57:12 system info 00536 IKE<120.31.240.98>: XAuth login was
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: IKE
    2008-09-14 10:57:08 system info 00536 IKE<120.31.240.98> Phase 1: Responder
    特别说明:120.31.240.98是VPN发起方公网IP地址。本回答被提问者采纳
    第2个回答  2015-12-30
    以远程拨号(xauth)为例:

    netscreen_isg1000-> get event
    include 120.31.240.98
    Date Time Module Level
    Type Description
    2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID

    <6c0f2afe>: Completed negotiations

    with SPI <3eab9265>, tunnel ID
    <45468>,
    and lifetime
    <3600> seconds/<0> KB.
    2008-09-14 10:57:13 system info 00536
    IKE<120.31.240.98> Phase 2 msg ID

    <6c0f2afe>: Responded to the
    peer's
    first message.
    2008-09-14
    10:57:13 system info 00536 IKE<120.31.240.98>: XAuth login was

    passed for gateway
    <Test_Gateway>,
    username
    <xauthtest>, retry: 0, Client

    IP Addr<11.2.2.70>, IPPool name:

    <VPN_TEST_POOL>, Session-Timeout:<0s>,

    Idle-Timeout:<0s>.
    2008-09-14 10:57:12 system info 00536
    IKE<120.31.240.98>: XAuth login was

    refreshed for username
    <xauthtest> at

    <11.2.2.70/255.255.255.255>.
    2008-09-14 10:57:09 system info 00536
    IKE<120.31.240.98>: Received initial

    contact notification and removed
    Phase
    1 SAs.
    2008-09-14 10:57:09
    system info 00536 IKE<120.31.240.98> Phase 1:
    Completed
    Aggressive
    mode negotiations with a

    <28800>-second lifetime.
    2008-09-14 10:57:09 system info 00536
    IKE<120.31.240.98> Phase 1: Completed

    for user
    <xauthtest>.
    2008-09-14 10:57:09 system info 00536
    IKE<120.31.240.98>: Received initial

    contact notification and removed
    Phase
    2 SAs.
    2008-09-14 10:57:09
    system info 00536 IKE<120.31.240.98>: Received a

    notification message for DOI
    <1>
    <24578>
    <INITIAL-CONTACT>.
    2008-09-14 10:57:09 system info 00536
    IKE<120.31.240.98>: Received a

    notification message for DOI <1>

    <24577>
    <REPLAY-STATUS>.
    2008-09-14 10:57:09 system info 00536
    IKE<120.31.240.98> Phase 1: IKE

    responder has detected NAT in front of

    the remote device.
    2008-09-14
    10:57:08 system info 00536 IKE<120.31.240.98> Phase 1: Responder

    starts AGGRESSIVE mode
    negotiations.
    Total entries matched = 12

    而不要使用以下命令:

    netscreen_isg1000-> get event |
    in 120.31.240.98
    2008-09-14 10:57:13 system info 00536
    IKE<120.31.240.98> Phase 2 msg ID
    2008-09-14 10:57:13 system info
    00536 IKE<120.31.240.98> Phase 2 msg ID
    2008-09-14 10:57:13 system
    info 00536 IKE<120.31.240.98>: XAuth login was
    2008-09-14 10:57:12
    system info 00536 IKE<120.31.240.98>: XAuth login was
    2008-09-14
    10:57:09 system info 00536 IKE<120.31.240.98>: Received initial

    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1:
    Completed
    2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>
    Phase 1: Completed
    2008-09-14 10:57:09 system info 00536
    IKE<120.31.240.98>: Received initial
    2008-09-14 10:57:09 system info
    00536 IKE<120.31.240.98>: Received a
    2008-09-14 10:57:09 system info
    00536 IKE<120.31.240.98>: Received a
    2008-09-14 10:57:09 system info
    00536 IKE<120.31.240.98> Phase 1: IKE
    2008-09-14 10:57:08 system info
    00536 IKE<120.31.240.98> Phase 1: Responder
    相似回答
    juniper防火墙策略设置的策略设置答:也可以手动输入Destination Address 目的地址Service 服务Action 动作:运行通过还是禁止通过,或者通过tunnel走VPN另外还有一些其他选项设置:Session-limit :限制这条策略的session数,在低版本的Juniper防火墙上是没有的Logging :记录日志Modify matching bidirectional VPN policy :建立vpn通道的同时反向建立一...
    想实现瞻博网络Juniper 防火墙ssl vpn通过otp动态令牌双因素认证方式...答:首先,要实现Juniper防火墙的SSL VPN通过OTP动态令牌双因素认证方式拨入,需要进行以下步骤:配置Juniper防火墙:在设备上配置VPN服务和用户身份验证。启用SSL VPN并设置适当的策略。2. 安装OTP服务器:安装一个支持HMAC-SHA算法或TOTP(基于时间)算法的一次性密码生成器,并将其与LDAP、RADIUS等目录集成起来...
    juniper路由器具体怎么设置,详细的来答:VPN连接设置 27初始化设置1.将防火墙设备通电,连接网线从防火墙e0\2口连接到电脑网卡。2.电脑本地连接设置静态IP地址,IP地址192.168.1.2(在192.168.1.0/24都可以),子网掩码255.255.255.0,默认网关192.168.1.1,如下图:3.设置好IP地址后,测试连通,在命令行ping 192.168.1.1,如下图:4.从IE浏览器登陆防火墙web页面...
    juniper SSG-140 报警黄灯每天都亮起,日志里没有报警!需要用clear led...答:1,请本地登入系统,执行get alarm event。一下,是什么原因导致此问题。最好保存log仔细分析。2,清除相关命令有:clear alarm traffic clear alarm event clear led alarm 3,建议关闭外网的telnet,改为内网开启ssh服务,ssh安全性比telnet高。4,关闭防火墙的外网管理端口80和443端口。更改外网管理...
    Juniper客户支持答:在各个专业领域,Juniper稳居市场份额的前列,拥有众多第一的荣誉:它推出了首个基于特定应用集成电路(ASIC)的平台,开启了防火墙技术的新篇章;作为业界先驱,它推出了第一款ASIC防火墙;并且在入侵检测与防护(IDP)产品上也独占鳌头。更值得一提的是,Juniper的SSL VPN产品以其全面性和前瞻性,树立了...
    Juniper SSG-350M-SH主要参数答:Juniper SSG-350M-SH是一款专为企业级设计的防火墙设备,它在网络安全性能上表现出色。这款防火墙的核心特点是其强大的并发连接处理能力,能够同时处理高达128,000个连接,确保网络流量的高效顺畅。在吞吐量方面,它拥有550Mbps的网络吞吐量,足以满足大部分企业级别的网络需求,保证数据传输的高速稳定。安全...
    Juniper解决方案答:集成式防火墙/IPSec VPN是核心组成部分,它们结合了状态检测防火墙和深度检测技术,为应用层提供全面保护,并在企业与远程用户之间建立安全连接。入侵防护方面,Juniper的入侵检测与防护设备(IDP)帮助管理员实时监控网络层和应用层,支持异常事件调查与修复,支持快速部署在线攻击防御体系,确保网络安全稳定。对于...
    大家正在搜
    相关问题
    juniper srx防火墙在web界面怎样查看日志?
    如何在Juniper防火墙上查看VPN日志
    juniper防火墙日志怎么分析啊?怎么看是不是有问题呢
    juniper防火墙如何查询oid号