Diagnose Firewall Connections
Firewall Analyzer allows you to diagnose the active connections passing through the firewall device. To do so, click the Diagnose Connections link on the Settings page.
This feature is available only for Netscreen and Cisco devices.
Firewall Analyzer uses the Telnet/SSH protocol to log in to the firewall device and fetch the active connections passing through it.
Carry out the procedure given below to diagnose the Firewall connections:
- In the Firewall Analyzer web client, select the Settings tab.
- In the Settings screen, select the System Settings > Diagnose Connections link. The Diagnose Firewall Connection page appears.
- In that page, select the Device Name, Device Type, Login Profile and Define Criteria.
- Select the Device Name from the drop down list. Only the Netscreen and Cisco devices will be listed.
- Select the Device Type (PIX, ASA, FWSM) from the drop down list, in the case of Cisco devices. This field is not available for other devices.
- Select the Login Profile from the drop down list. Choose an existing profile or add a new profile by clicking the icon beside the drop down box. Carry out the procedure given in the Add New Profile document.
- If a credential profile is already associated with the device, Firewall Analyzer will not prompt you to enter the device Login Profile.
If a credential profile is not associated with the device, you can choose a credential profile to log in to the firewall device using Telnet/SSH. However, the chosen profile will be retained and used only for the 'Diagnose Connection' purpose. To associate the login profile with this resource so that the settings are retained in all other features, go to the Settings screen and select the System Settings > Device Rule > Assign Profile link. Follow the procedure given in the Assign Profile document.
- Define the criteria to fetch the connections for diagnosis using the Define Criteria drop down list. The criteria are IP Address, Between IPs, Protocol, and Port. Enter the value in the text box beside the 'is' text. By default, only one criterion is displayed. To add more criteria, click the Add link; to remove a criterion, click the Remove link.
Specify the filter criteria to fetch the active connections from the Firewall device.
To reduce the load on firewalls, Firewall Analyzer does not fetch all connections. It fetches up to 1000 random connections. If there are more than 1000 connections, this is indicated at the bottom of the connections table.
You can add more criteria or redefine the criteria to reduce the results.
- Click Fetch Connections to fetch the connections for diagnosis. The result will be displayed at the bottom part of the screen.
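The filter criteria and the 1000-connection cap described above, as an added example that is not Firewall Analyzer's own code: it applies the four criteria to a constructed connection table, which is useful for repeating the same triage offline. Combining criteria with AND, reading 'Between IPs' as the two endpoints of one connection, and the names `Conn`, `matches` and `fetch_connections` are assumptions.

```python
import ipaddress
import random
from collections import namedtuple

Conn = namedtuple("Conn", "proto src sport dst dport")
MAX_ROWS = 1000  # cap stated on the page

def matches(conn, criteria):
    """True when conn satisfies every criterion (AND-combination is an assumption)."""
    ends = {ipaddress.ip_address(conn.src), ipaddress.ip_address(conn.dst)}
    for kind, value in criteria:
        if kind == "IP Address":      # either endpoint equals the address
            ok = ipaddress.ip_address(value) in ends
        elif kind == "Between IPs":   # assumed: both endpoints, either direction
            a, b = (ipaddress.ip_address(v) for v in value)
            ok = ends == {a, b}
        elif kind == "Protocol":
            ok = conn.proto.lower() == value.lower()
        elif kind == "Port":          # source or destination port
            ok = int(value) in (conn.sport, conn.dport)
        else:
            raise ValueError(f"unknown criterion: {kind}")
        if not ok:
            return False
    return True

def fetch_connections(table, criteria, limit=MAX_ROWS, rng=random):
    """Return (rows, truncated): at most `limit` random matching rows."""
    hits = [c for c in table if matches(c, criteria)]
    truncated = len(hits) > limit
    if truncated:
        hits = rng.sample(hits, limit)
    return hits, truncated

# Constructed sample table (documentation address ranges, not real traffic).
SAMPLE = [
    Conn("TCP", "10.0.0.5", 51000, "192.0.2.10", 443),
    Conn("TCP", "10.0.0.5", 51001, "192.0.2.20", 22),
    Conn("UDP", "10.0.0.7", 53000, "192.0.2.53", 53),
    Conn("TCP", "192.0.2.10", 443, "10.0.0.5", 51002),
]

if __name__ == "__main__":
    rows, more = fetch_connections(SAMPLE, [("IP Address", "10.0.0.5"), ("Port", "22")])
    print(rows, "more than", MAX_ROWS, "matches:", more)
```

When the second return value is true, the rows are only a random subset, so tighten the criteria before drawing conclusions from them.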