Solved

Capturing Firewall System Health

Posted on 2009-05-20
Last Modified: 2012-05-07
Hi Experts,

Recently we discovered that a Netscreen Firewall we have in our office that connects to another site was getting problems.  The connection breaks every once in a while, and we have to reboot the Netscreen to get it back working.

We contacted a support vendor, and they lent us another firewall of the same model as a temporary replacement... all went smoothly for more than a week.  The vendor checked ours and found no problems in their lab, so they returned it to us.

Hoping to isolate and determine the cause of the trouble, the supporting vendor sent us a few commands to run on the firewall regularly to capture the FW's status.  I am trying to figure out a way to run this with a notepad that connects as a console, and dump the command results for storage.  I am thinking of using Putty to telnet through the serial port to do that... but I am not so certain how to come up with the batch file that would call putty to connect.  Does anyone know if this is a good way to run a script off the firewall to dump status?  Or is there any better way of doing it?

I am running something like:
> c:\putty.exe -telnet 10.0.0.1 -l username -m input.txt
where:
-telnet 10.0.0.1  specifies the protocol and IP
-l : the user account to use
-m : the input file that contains the feed-in commands

Thanks very much
-telnet : specifies it'll be a telnet
Question by:wingkchan

Accepted Solution

by:
Qlemo earned 1500 total points
ID: 24430568
Telnet or SSH are the only ways to do regular jobs on NetScreen. With SSH and a certificate, you even could automate it in the way that you do not have to authenticate - fully automated batch file, that way.

What I use is netcat (in a slightly modified variant). It allows for piping, so I can generate the commands needed dynamically, and evaluate outputs, all in one go.

Like
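rem Each echo becomes one line sent to the firewall; findstr keeps only the lines containing "memory"
(echo MyLogin
 echo MyPwd
 echo get memory
) | nc -t 10.0.0.1 -i 1 | findstr "memory" > logfile.txt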
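
The same timed, blind exchange as the netcat pipeline above, written out in Python as an added example (not code from the original answer): it refuses telnet option negotiation as `nc -t` does, sends one line per interval like `-i 1`, and filters the output like the `findstr` step, adding a timestamp per line. The function names, the log format and the subnegotiation-free handling are assumptions of this example.

```python
import datetime, socket, time

IAC, DONT, DO, WONT, WILL = 255, 254, 253, 252, 251

def negotiate(buf):
    """Split raw telnet bytes into (text, replies, unparsed tail), refusing every option."""
    text, replies, i = bytearray(), bytearray(), 0
    while i < len(buf):
        if buf[i] != IAC:
            text.append(buf[i])
            i += 1
            continue
        cmd = buf[i + 1:i + 3]                      # command byte plus option byte, if present
        if not cmd or (WILL <= cmd[0] <= DONT and len(cmd) < 2):
            break                                   # sequence split across reads: keep for later
        if cmd[0] in (DO, WILL):                    # refuse: DO -> WONT, WILL -> DONT
            replies += bytes([IAC, WONT if cmd[0] == DO else DONT, cmd[1]])
        elif cmd[0] == IAC:                         # IAC IAC is a literal 0xFF data byte
            text.append(IAC)
        i += 3 if WILL <= cmd[0] <= DONT else 2
    return bytes(text), bytes(replies), buf[i:]

def run_session(host, port, lines, interval=1.0):
    """Listen for `interval` seconds before sending each line; return what the device printed."""
    out, pending = bytearray(), b""
    with socket.create_connection((host, port), timeout=10) as s:
        for line in list(lines) + [None]:           # None: final listen, nothing sent
            deadline = time.monotonic() + interval
            while (left := deadline - time.monotonic()) > 0:
                s.settimeout(left)
                try:
                    chunk = s.recv(4096)
                except socket.timeout:
                    break
                if not chunk:                       # device closed the session
                    return out.decode(errors="replace")
                text, replies, pending = negotiate(pending + chunk)
                out += text
                s.sendall(replies)
            if line is not None:
                s.sendall(line.encode() + b"\r\n")
    return out.decode(errors="replace")

def append_snapshot(path, output, keyword):
    # Append the lines containing `keyword` to `path`, each prefixed with a timestamp.
    stamp = datetime.datetime.now().isoformat(timespec="seconds")
    kept = [ln for ln in output.splitlines() if keyword in ln]
    with open(path, "a") as f:
        f.writelines(f"{stamp} {ln}\n" for ln in kept)
    return kept
```

Calling `append_snapshot("logfile.txt", run_session("10.0.0.1", 23, ["MyLogin", "MyPwd", "get memory"]), "memory")` from a scheduled task mirrors the pipeline. Telnet carries the login and password in cleartext, so the SSH route mentioned in the answer is preferable where the device supports it.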



Expert Comment

by:Kamran Arshad
ID: 24439790
Hi,

Why don't you use SNMP for monitoring your Netscreen? Then using any NMS you can get the values.

Expert Comment

by:Qlemo
ID: 24439814
It depends on the set of commands used if you can monitor via SNMP. Many things are not exposed to SNMP, like VPN tunnel traffic. And in the memory area I guess it's similar.

Author Closing Comment

by:wingkchan
ID: 31592778
Thanks for your suggestion.  However I didn't get to try out your way, because the supporting vendor recommended that we use a software called SecureCRT.  We downloaded the trialware and did some testing. This program allows calling of vbscript, and scheduling it to run at a defined interval... so every 10 minutes or so, we can run some "get" commands and output them to a file.  It works fine.  Thanks for your input.