Novell Home

Checking the Audit Log on a VPN Server

Novell Cool Solutions: Feature

Digg This - Slashdot This

Posted: 27 Sep 2002
 

Version: BorderManager 3.7

We've heard from a number of readers who want info about how to audit the traffic on their VPN server. This can be an important part of enforcing your security policy, so we thought we'd highlight the process for you.

The VPN audit log enables you to view audit log messages generated by a VPN server. You can also view a detailed explanation of any message.

There are two ways to display the VPN audit log. Both methods have the same capabilities. Using either method from the master server, you can view the audit log of any slave server.

IMPORTANT: You cannot view the audit log of any VPN server that is also a member of another VPN. You can view the audit log of only those VPN servers that are exclusively members of your local VPN.

Method One

To display a VPN audit log using the first method, complete the following steps:

  1. In NetWare Administrator, double-click a VPN server and select the Novell BorderManager 3.7 Setup page.
  2. Click the VPN tab.
  3. Double-click Master Site-to-Site or Slave Site-to-Site under Enable Service.
  4. If you selected Master Site-to-Site, select a VPN member.
  5. Click Status
  6. .
  7. Click a VPN server > click Audit Log.

Method Two

To display a VPN audit log using the second method, complete the following steps:

  1. In NetWare Administrator, click a VPN server whose audit log information you want to view.
  2. Select Novell BorderManager 3.7 from the Tools menu to open the Novell BorderManager 3.7 window.
  3. Right-click Virtual Private Network and select View Member Activity/Log from the menu of options to view the VPN Audit Log window.

    The Audit Log window is under the VPN Activity window.

  4. Do one of the following:
    • To view the audit log for the selected VPN member, click Acquire.

      The latest audit log messages in the database are displayed. Only ten messages are visible at a time, with the most current (latest time stamp) message displayed first. Use the scroll bar or PageDown key to see earlier messages. By default, the latest 100 messages in the audit log database are acquired at a time.

    • To acquire the next set of audit log messages for the selected VPN member, click More.
    • The next 100 messages in the database are displayed. Because only ten messages are visible at a time, use the scroll bar or PageDown key to see the rest. The More button is not available if no more audit log messages are in the database. The More button does not emulate the screen settings. Changes made to the audit log controls take effect after you click Acquire. Only then does the More button use the current settings.
    • To change the number of message entries to acquire at any one time, click the Up-arrow or Down-arrow in the Phase Entries control box.

      The new Phase Entries value is the number of audit log messages acquired the next time you click Acquire.

    • To view additional information about a particular message, double-click the message or click Details.

      An explanation of the message is displayed. If the message is an error message, it also explains how to solve the problem.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell