You have set up a firewall and management module on one NT box and a remote module on a
different location. You receive only sporadic logs from the local firewall and only and control
message from remote firewall. All rules on both firewalls are logging and you know the traffic is
flowing through the firewall using these rules. All the firewall related services are running and you
are using NAT and you receive few logs from the local firewall.
What actions from the choices below would you perform to find out why you cannot see logs?
A.
Make sure there is no masters file in SFWDIR/conf on the remote module.
B.
Make sure there is no masters file in SFWDIR/conf on the local NT box.
C.
See if you can do a fwfetch from the module.
D.
Run the fw logexport -t -n from the command line prompt on the remote module.
E.
Use pulist.exe from the Windows NT resource kit.
Explanation:
this is the correct answer because with a fetch we can see if the firewall module can make a
successful authentication and can install the latest security policy, confirming reach ability and
integrity. Using this command you can proof that the settings are well configured between the
firewall module and the Management console.
Incorrect Answers:
A: We need a masters file in this box, because it will tell where is the management module and
where to log. It also says where is the firewall going to fetch its policy at boot time.
B: We need a masters file in the local box because this management console is also has a firewall
module, the master file will redirect the firewall module to the local host as the management
console.
D: This command is used to dump logs in ASCII format, we need to see the logs at the
management module, we don’t need to convert the default format of them. Its good to analyze logs
with 3rd party applications.
E: This is not a valid option, we are having problems at the firewall communication level, not at the
operating system level. Also we have connectivity because we receive control messages from the
remote box.