Netgear VPN Firewall FVS336Gv2 Reference Manual
System Logs and Error Messages
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2

• PPTP idle time-out logs
• PPP authentication logs

Table 26. System logs: WAN status, PPTP idle time-out

Message:
Nov 29 11:19:02 [FVS336Gv2] [pppd] Starting connection
Nov 29 11:19:05 [FVS336Gv2] [pppd] CHAP authentication succeeded
Nov 29 11:19:05 [FVS336Gv2] [pppd] local IP address 192.168.200.214
Nov 29 11:19:05 [FVS336Gv2] [pppd] remote IP address 192.168.200.1
Nov 29 11:19:05 [FVS336Gv2] [pppd] primary DNS address 202.153.32.2
Nov 29 11:19:05 [FVS336Gv2] [pppd] secondary DNS address 202.153.32.2
Nov 29 11:20:45 [FVS336Gv2] [pppd] No response to 10 echo-requests
Nov 29 11:20:45 [FVS336Gv2] [pppd] Serial link appears to be disconnected.
Nov 29 11:20:45 [FVS336Gv2] [pppd] Connect time 1.7 minutes.
Nov 29 11:20:45 [FVS336Gv2] [pppd] Sent 520 bytes, received 80 bytes.
Nov 29 11:20:51 [FVS336Gv2] [pppd] Connection terminated.

Explanation:
Message 1: Starting PPP connection process.
Message 2: Message from the server for authentication success.
Message 3: Local IP address assigned by the server.
Message 4: Server side IP address.
Message 6: The primary DNS server that is configured on the WAN ISP Settings screen.
Message 7: The secondary DNS server that is configured on the WAN ISP Settings screen.
Message 7: Sensing idle link.
Message 8: Idle link sensed.
Message 9: Data sent and received at the LAN side while the link was up.
Message 10: PPP connection terminated after idle time-out.

Recommended action: To reconnect during idle mode, initiate traffic from the LAN side.

Table 27. System logs: WAN status, PPP authentication

Message:
Nov 29 11:29:26 [FVS336Gv2] [pppd] Starting link
Nov 29 11:29:29 [FVS336Gv2] [pppd] Remote message: Login incorrect
Nov 29 11:29:29 [FVS336Gv2] [pppd] PAP authentication failed
Nov 29 11:29:29 [FVS336Gv2] [pppd] Connection terminated.WAN2(DOWN)_

Explanation:
Starting link: Starting PPPoE connection process.
Remote message: Login incorrect: Message from PPPoE server for incorrect login.
PAP authentication failed: PPP authentication failed due to incorrect login.
Connection terminated: PPP connection terminated.

Recommended action: If authentication fails, then check the login and password and enter the correct one.

Resolved DNS Names

This section describes the logs of DNS name resolution messages.

Table 28. System logs: DNS name resolution messages

Message:
2000 Jan 1 05:12:00 [FVS336Gv2] [dnsmasq] [DNSRESOLV]:teamf1.com from 192.168.11.2

Explanation: This log is generated when the DNS name (that is, teamf1) is resolved.

Recommended action: None

VPN Log Messages

This section explains logs that are generated by IPSec VPN and SSL VPN policies. These logs are generated automatically and do not need to be enabled.

• IPSec VPN Logs
• SSL VPN Logs

IPSec VPN Logs

This section describes the log messages generated by IPSec VPN policies.

Note: The same IPSec VPN log messages can appear in the logs that are accessible when you select the VPN check box on the Firewall Logs & E-mail screen (see Manage Logging, Alerts, and Event Notifications on page 567) and in the logs on the IPSec VPN Logs screen (see View the VPN Logs on page 593).

Table 29. System logs: IPSec VPN tunnel, tunnel establishment

Messages 1 through 5:
2000 Jan 1 04:01:39 [FVS336Gv2] [wand] [IPSEC] IPSEC Restarted
2000 Jan 1 04:02:09 [FVS336Gv2] [wand] [FW] Firewall Restarted
2000 Jan 1 04:02:29 [FVS336Gv2] [IKE] IKE stopped_
2000 Jan 1 04:02:31 [FVS336Gv2] [IKE] IKE started_
2000 Jan 1 04:02:31 [FVS336Gv2] [wand] [IPSEC] IPSEC Restarted

Messages 6 and 7:
2000 Jan 1 04:07:04 [FVS336Gv2] [IKE] Adding IPSec configuration with identifier pol1_
2000 Jan 1 04:07:04 [FVS336Gv2] [IKE] Adding IKE configuration with identifier pol1_

Messages 8 through 19:
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Configuration found for 20.0.0.1[500]._
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Received request for new phase 1 negotiation: 20.0.0.2[500]20.0.0.1[500]_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Beginning Identity Protection mode._
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Received Vendor ID: RFC XXXX_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Received Vendor ID: DPD_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] DPD is Enabled_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] For 20.0.0.1[500], Selected NAT-T version: RFC XXXX_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Setting DPD Vendor ID_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Received Vendor ID: KAME/racoon_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] NAT-D payload matches for 20.0.0.2[500]_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] NAT-D payload matches for 20.0.0.1[500]_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] NAT not detected _

Messages 20 and 21:
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] ISAKMP-SA established for 20.0.0.2[500]-20.0.0.1[500] with spi:c56f7a1d42baf28a:68fcf85e3c148bd8_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Sending Informational Exchange: notify payload[INITIAL-CONTACT]_

Messages 22 and 23:
2000 Jan 1 04:13:40 [FVS336Gv2] [IKE] Responding to new phase 2 negotiation: 20.0.0.2[0]20.0.0.1[0]_
2000 Jan 1 04:13:40 [FVS336Gv2] [IKE] Using IPSec SA configuration: 192.168.11.0/24192.168.10.0/24_

Messages 24 and 25:
2000 Jan 1 04:13:41 [FVS336Gv2] [IKE] IPSec-SA established: ESP/Tunnel 20.0.0.1->20.0.0.2 with spi=34046092(0x207808c)_
2000 Jan 1 04:13:41 [FVS336Gv2] [IKE] IPSec-SA established: ESP/Tunnel 20.0.0.2->20.0.0.1 with spi=87179451(0x53240bb)_

Explanation:
Message 1–5: IPSec, IKE, and VPN firewall restart.
Message 6–7: IPSec and IKE configurations are added with the identifier “pol1.”
Message 8–19: New phase 1 negotiation starts by determining the configuration for the WAN host. Dead Peer Detection (DPD) is enabled and set. NAT payload matching and NAT detection are done.
Message 20–21: ISAKMP-SA is established between the two WANs and information is exchanged.
Message 22–23: New phase 2 negotiation starts by using IPSec SA configuration pertaining to the LAN hosts.
Message 24–25: IPSec-SA VPN tunnel is established.

Recommended action: None

Table 30. System logs: IPSec VPN tunnel, SA lifetime (150 sec in phase 1; 300 sec in phase 2), VPN tunnel is reestablished

Message 1:
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] Sending Informational Exchange: delete payload[]_

Messages 2 through 6:
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] purged IPSec-SA proto_id=ESP spi= 181708762._
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] purged IPSec-SA proto_id=ESP spi= 153677140._
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] an undead schedule has been deleted: pk_recvupdate._
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] IPSec configuration with identifier pol1 deleted successfully_
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] no phase 2 bounded._

Message 7:
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] Sending Informational Exchange: delete payload[]_

Messages 8 through 11:
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] Purged ISAKMP-SA with spi= d67f2be9ca0cb241:8a094623c6811286._
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] an undead schedule has been deleted: purge_remote._
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] IKE configuration with identifier pol1 deleted successfully_
2000 Jan 1 04:32:25 [FVS336Gv2] [IKE] Could not find configuration for 20.0.0.1[500]_

Explanation:
Message 1: Informational exchange for deleting the payload.
Message 2–6: Phase 2 configuration is purged and confirms that no phase 2 is bounded.
Message 7: Informational exchange for deleting the payload.
Message 8–11: Phase 1 configuration. The VPN tunnel is reestablished.

Recommended action: None

Table 31. System logs: IPSec VPN tunnel, SA lifetime (150 sec in phase 1; 300 sec in phase 2), VPN tunnel not reestablished

Message:
2000 Jan 1 04:52:33 [FVS336Gv2] [IKE] Using IPSec SA configuration: 192.168.11.0/24192.168.10.0/24_
2000 Jan 1 04:52:33 [FVS336Gv2] [IKE] Configuration found for 20.0.0.1._
2000 Jan 1 04:52:59 [FVS336Gv2] [IKE] Phase 1 negotiation failed due to time up for 20.0.0.1[500]. b73efd188399b7f2:0000000000000000_
2000 Jan 1 04:53:04 [FVS336Gv2] [IKE] Phase 2 negotiation failed due to time up waiting for phase 1. ESP 20.0.0.1->20.0.0.2 _
2000 Jan 1 04:53:05 [FVS336Gv2] [IKE] Using IPSec SA configuration: 192.168.11.0/24192.168.10.0/24_
2000 Jan 1 04:53:05 [FVS336Gv2] [IKE] Configuration found for 20.0.0.1._
2000 Jan 1 04:53:05 [FVS336Gv2] [IKE] Initiating new phase 1 negotiation: 20.0.0.2[500]20.0.0.1[500]_
2000 Jan 1 04:53:05 [FVS336Gv2] [IKE] Beginning Identity Protection mode._
2000 Jan 1 04:53:05 [FVS336Gv2] [IKE] Setting DPD Vendor ID_
2000 Jan 1 04:53:36 [FVS336Gv2] [IKE] Phase 2 negotiation failed due to time up waiting for phase 1. ESP 20.0.0.1->20.0.0.2 _

Explanation: Phase 1 and phase 2 negotiations failed because of a mismatch of the WAN IP address in the IPSec VPN policy and the WAN IP address of the remote host attempting to establish the IPSec VPN tunnel.

Recommended action: None

Table 32. System logs: IPSec VPN tunnel, Dead Peer Detection and keep-alive (default 30 sec)

Messages 1 through 4:
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Received request for new phase 1 negotiation: 20.0.0.2[500]20.0.0.1[500]_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Beginning Identity Protection mode._
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Received Vendor ID: RFC XXXX_
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Received Vendor ID: DPD_

Message 5:
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] DPD is Enabled_

Message 6:
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] For 20.0.0.1[500], Selected NAT-T version: RFC XXXX_

Message 7:
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] Setting DPD Vendor ID_

Explanation:
Message 1–4: After receiving a request for phase 1 negotiation, a Dead Peer Detection vendor ID is received.
Message 5: DPD is enabled.
Message 7: The DPD vendor ID is set.

Recommended action: None

Table 33. System logs: IPSec VPN tunnel, Dead Peer Detection and keep-alive (default 30 sec), VPN tunnel torn down

Message 1:
2000 Jan 1 06:01:18 [FVS336Gv2] [VPNKA] Keep alive to peer 192.168.10.2 failed 3 consecutive times and 5 times cumulative_

Message 2:
2000 Jan 1 06:01:19 [FVS336Gv2] [IKE] DPD R-U-THERE sent to 20.0.0.1[500]_

Message 3:
2000 Jan 1 06:01:19 [FVS336Gv2] [IKE] DPD R-U-THERE-ACK received from 20.0.0.1[500]_

Explanation:
Message 1: When the remote host connection is removed and when there are no packets from the remote host, the VPN firewall sends packets to keep the remote host alive. As the connection itself is removed, keep-alive fails.
Message 2: The VPN firewall sends packets to check whether the peer is dead.
Message 3: The VPN firewall receives an acknowledgment that the peer is dead. The connection is removed.

Recommended action: None

Table 34. System logs: IPSec VPN tunnel, client policy, disconnection from the client side

Message:
2000 Jan 1 02:34:45 [FVS336Gv2] [IKE] Deleting generated policy for 20.0.0.1[0]_
2000 Jan 1 02:34:45 [FVS336Gv2] [IKE] an undead schedule has been deleted: pk_recvupdate._
2000 Jan 1 02:34:45 [FVS336Gv2] [IKE] Purged IPSec-SA with proto_id=ESP and spi=3000608295(0xb2d9a627)._
2000 Jan 1 02:34:45 [FVS336Gv2] [IKE] Purged IPSec-SA with proto_id=ESP and spi=248146076(0xeca689c)._
2000 Jan 1 02:34:45 [FVS336Gv2] [IKE] Purged ISAKMP-SA with proto_id= ISAKMP and spi=da1f2efbf0635943:4eb6fae677b2e4f4._
2000 Jan 1 02:34:46 [FVS336Gv2] [IKE] ISAKMP-SA deleted for 20.0.0.2[500]-20.0.0.1[500] with spi:da1f2efbf0635943:4eb6fae677b2e4f4_

Explanation: Phase 2 and phase 1 policies are deleted when the client is disconnected.

Recommended action: None

Table 35. System logs: IPSec VPN tunnel, client policy behind a NAT device

Message:
            2000 Jan 1 01:54:21 [FVS336Gv2] [IKE] Floating ports for NAT-T with peer 20.0.0.1[4500]_
            2000 Jan 1 01:54:21 [FVS336Gv2] [IKE] NAT-D payload matches for 20.0.0.2[4500]_
Message 3   2000 Jan 1 01:54:21 [FVS336Gv2] [IKE] NAT-D payload does not match for 20.0.0.1[4500]_
            2000 Jan 1 01:54:21 [FVS336Gv2] [IKE] Ignore REPLAY-STATUS notification from 20.0.0.1[4500]._
            2000 Jan 1 01:54:21 [FVS336Gv2] [IKE] Ignore INITIAL-CONTACT notification from 20.0.0.1[4500] because it is only accepted after phase 1._
Message 6   2000 Jan 1 01:54:21 [FVS336Gv2] [IKE] NAT detected: Peer is behind a NAT device_

Explanation:
These logs are generated when the remote WAN host is connected through a device such as the VPN firewall. NAT is detected before phase 1 is established.
Message 3: NAT-D does not match the remote host.
Message 6: The VPN firewall confirms that the remote host or the peer is behind a NAT device.

Recommended action: None

SSL VPN Logs

This section describes the log messages that are generated by SSL VPN policies.

Table 36. System logs: SSL VPN tunnel, WAN host and interface

Message:
2000 Jan 1 03:44:55 [FVS336Gv2] [sslvpntunnel] id=FVS336Gv2 time=2000-1-1 3:44:55 fw=20.0.0.2 pri=6 rule=access-policy proto=SSL VPN Tunnel src=20.0.0.1 user=sai dst=20.0.0.2 arg= op= result= rcvd= msg=SSL VPN Tunnel

Explanation: An SSL VPN tunnel is established for ID FVS336Gv2 with the WAN host 20.0.0.1 through WAN interface 20.0.0.2 and logged in with the user name “sai.”

Recommended action: None

Table 37. System logs: VPN log messages, port forwarding, WAN host and interface

Message:
2000 Jan 1 01:30:08 [FVS336Gv2] [portforwarding] id=FVS336Gv2 time=2000-1-1 1:30: 8 fw=20.0.0.2 pri=6 rule=access-policy proto=Port Forwarding src=20.0.0.1 user=sai dst=20.0.0.2 arg= op= result= rcvd= msg=Port Forwarding

Explanation: An SSL VPN tunnel through port forwarding is established for ID FVS336Gv2 with the WAN host 20.0.0.1 through WAN interface 20.0.0.2 and logged in with the user name “sai.”

Recommended action: None

Table 38. System logs: VPN log messages, port forwarding, LAN host and interface

Message:
2000 Jan 1 01:35:41 [FVS336Gv2] [portforwarding] id=FVS336Gv2 time=2000-1-1 1:35:41 fw=192.168.11.1 pri=6 rule=access-policy proto=Virtual Transport (Java) src=192.168.11.2 user=sai dst=192.168.11.1 arg= op= result= rcvd= msg=Virtual Transport (Java)

Explanation: An SSL VPN tunnel through port forwarding is established for ID FVS336Gv2 from the LAN host 192.168.11.2 with interface 192.168.11.1 and logged in with the user name “sai.”

Recommended action: None

Traffic Meter Logs

Table 39. System logs: traffic meter

Message:
Jan 23 19:03:44 [TRAFFIC_METER] TRAFFIC_METER: Monthly Limit of 10 MB has reached for WAN1._

Explanation: Traffic limit to WAN1 that was set as 10 Mb is reached. This stops all the incoming and outgoing traffic, that is, if you selected the Block All Traffic radio button in the When Limit is Reached section on the WAN TrafficMeter screen.

Recommended action: To start the traffic, restart the traffic limit counter.

Routing Logs

The following sections provide information about routing log messages:

• LAN to WAN Logs
• LAN to DMZ Logs
• DMZ to WAN Logs
• WAN to LAN Logs
• DMZ to LAN Logs
• WAN to DMZ Logs

These sections explain the logging messages for the various network segments (such as LAN to WAN) for debugging purposes. These logs might generate a significant volume of messages.

LAN to WAN Logs

Table 40. Routing logs: LAN to WAN

Message:
Nov 29 09:19:43 [FVS336Gv2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=192.168.10.10 DST=72.14.207.99 PROTO=ICMP TYPE=8 CODE=0

Explanation:
• This packet from LAN to WAN is allowed by the firewall.
• For other settings, see Table 13 on page 642.

Recommended action: None

LAN to DMZ Logs

Table 41. Routing logs: LAN to DMZ

Message:
Nov 29 09:44:06 [FVS336Gv2] [kernel] LAN2DMZ[ACCEPT] IN=LAN OUT=DMZ SRC=192.168.10.10 DST=192.168.20.10 PROTO=ICMP TYPE=8 CODE=0

Explanation:
• This packet from LAN to DMZ is allowed by the firewall.
• For other settings, see Table 13 on page 642.

Recommended action: None

DMZ to WAN Logs

Table 42. Routing logs: DMZ to WAN

Message:
Nov 29 09:19:43 [FVS336Gv2] [kernel] DMZ2WAN[DROP] IN=DMZ OUT=WAN SRC=192.168.20.10 DST=72.14.207.99 PROTO=ICMP TYPE=8 CODE=0

Explanation:
• This packet from DMZ to WAN is dropped by the firewall.
• For other settings, see Table 13 on page 642.

Recommended action: None

WAN to LAN Logs

Table 43. Routing logs: WAN to LAN

Message:
Nov 29 10:05:15 [FVS336Gv2] [kernel] WAN2LAN[ACCEPT] IN=WAN OUT=LAN SRC=192.168.1.214 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0

Explanation:
• This packet from LAN to WAN is allowed by the firewall.
• For other settings, see Table 13 on page 642.

Recommended action: None

DMZ to LAN Logs

Table 44. Routing logs: DMZ to WAN

Message:
Nov 29 09:44:06 [FVS336Gv2] [kernel] DMZ2LAN[DROP] IN=DMZ OUT=LAN SRC=192.168.20.10 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0

Explanation:
• This packet from DMZ to LAN is dropped by the firewall.
• For other settings, see Table 13 on page 642.

Recommended action: None

WAN to DMZ Logs

Table 45. Routing logs: WAN to DMZ

Message:
Nov 29 09:19:43 [FVS336Gv2] [kernel] WAN2DMZ[ACCEPT] IN=WAN OUT=DMZ SRC=192.168.1.214 DST=192.168.20.10 PROTO=ICMP TYPE=8 CODE=0

Explanation:
• This packet from WAN to DMZ is allowed by the firewall.
• For other settings, see Table 13 on page 642.

Recommended action: None

Other Event Logs

The following sections provide information about other event messages:

• Session Limit Logs
• Source MAC Filter Logs
• Bandwidth Limit Logs

These sections describe the log messages generated by other events such as source MAC filtering, session limiting, and bandwidth limiting. For information about how to select these logs, see Manage Logging, Alerts, and Event Notifications on page 567.

Session Limit Logs

Table 46. Other event logs: session limit logs

Message:
2000 Jan 1 06:53:33 [FVS336Gv2] [kernel] SESS_LIMIT[DROP] IN=LAN OUT= WAN SRC=192.168.11.2 DST=20.0.0.1 PROTO=TCP SPT=50709 DPT=21

Explanation: When two FTP sessions are established from the same LAN host at IP address 192.168.11.2 and a session limit (SESS_LIMIT) is set as 1, the FTP packets from the second session are dropped.

Recommended action: Change the session limit to 2 to prevent packets from being dropped.
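
Added example (not part of the Netgear manual): a parser for the [kernel] routing and session-limit log lines shown in Tables 40 through 46 that counts dropped packets per rule and source address. The function names are illustrative assumptions; the sample lines are copied from the tables on this page.

```python
import re
from collections import Counter

# Log lines copied from Tables 40, 42, 43, 44 and 46 of this page, plus one
# IKE line (Table 29) that the parser must ignore.
SAMPLE = """\
Nov 29 09:19:43 [FVS336Gv2] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN SRC=192.168.10.10 DST=72.14.207.99 PROTO=ICMP TYPE=8 CODE=0
Nov 29 09:19:43 [FVS336Gv2] [kernel] DMZ2WAN[DROP] IN=DMZ OUT=WAN SRC=192.168.20.10 DST=72.14.207.99 PROTO=ICMP TYPE=8 CODE=0
Nov 29 09:44:06 [FVS336Gv2] [kernel] DMZ2LAN[DROP] IN=DMZ OUT=LAN SRC=192.168.20.10 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0
Nov 29 10:05:15 [FVS336Gv2] [kernel] WAN2LAN[ACCEPT] IN=WAN OUT=LAN SRC=192.168.1.214 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0
2000 Jan 1 06:53:33 [FVS336Gv2] [kernel] SESS_LIMIT[DROP] IN=LAN OUT= WAN SRC=192.168.11.2 DST=20.0.0.1 PROTO=TCP SPT=50709 DPT=21
2000 Jan 1 04:13:39 [FVS336Gv2] [IKE] NAT not detected _
"""

# Envelope: "<timestamp> [<device>] [kernel] <RULE>[<ACTION>] KEY=VALUE ..."
# The timestamp appears with and without a year, so it is captured loosely.
LINE_RE = re.compile(
    r"^(?P<ts>.+?) \[(?P<device>[^\]]+)\] \[kernel\] "
    r"(?P<rule>[A-Z0-9_]+)\[(?P<action>ACCEPT|DROP)\]\s+(?P<fields>.*)$"
)
# Tolerates the "OUT= WAN" spacing seen in Table 46. A key with no value at
# all (for example "OUT= SRC=...") is skipped rather than swallowing the next key.
FIELD_RE = re.compile(r"\b(?P<key>[A-Z]+)=\s*(?P<val>[^\s=]+)(?=\s|$)")


def parse_line(line):
    """Return a dict for a [kernel] firewall log line, or None for any other line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = {k: m.group(k) for k in ("ts", "device", "rule", "action")}
    rec.update((f.group("key"), f.group("val"))
               for f in FIELD_RE.finditer(m.group("fields")))
    return rec


def drops_by_source(lines):
    """Count DROP events per (rule, source IP) to surface hosts hitting a policy."""
    counts = Counter()
    for rec in filter(None, map(parse_line, lines)):
        if rec["action"] == "DROP":
            counts[(rec["rule"], rec.get("SRC", "?"))] += 1
    return counts


if __name__ == "__main__":
    for (rule, src), n in drops_by_source(SAMPLE.splitlines()).most_common():
        print(f"{rule:<11} {src:<15} {n}")
```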