[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Capturing Firewall System Health

Posted on 2009-05-20
4
Medium Priority
?
254 Views
Last Modified: 2012-05-07
Hi Experts,

Recently we discovered that a Netscreen Firewall we have in our office that connects to another site was getting problems.  The connection breaks every once in a while, and we have to reboot the Netscreen to get it back working.

We contacted a support vendor and which they lent us another same model firewall for temporary replacment... all went smoothly for more than a week.  The vendor check ours and they found no problems in their lab.  So they returned it back to us.

Hoping to isolate and determine the cause of trouble, the supporting vendor sent us a few command to run on the firewall regularly to capture the FW's status.  I am trying to figure a way to run this with a notepad that connects as a console, and dump the command results for storage.  I think of using Putty to telnet through the serial port to do that... but not so certain as how to come up with the batch file that would call putty to connect.  Does anyone know if this is a good way to run script off the firewall to dump status?  or is there any better way of doing it?  

I am running something like:
> c:\putty.exe -telnet 10.0.0.1 -l username -m input.txt
where:
-telnet 10.0.0.1  specifies the protocol and IP
-l : the user account to use
-m : the input file that contains the feed-in commands

Thanks very much
-telnet : specifies it'll be a telnet
0
Comment
Question by:wingkchan
  • 2
4 Comments
 
LVL 71

Accepted Solution

by:
Qlemo earned 1500 total points
ID: 24430568
Telnet or SSH are the only ways to do regular jobs on NetScreen. With SSH and a certificate, you even could automate it in the way that you do not have to authenticate - fully automated batch file, that way.

What I use is netcat (in a slightly modifed variant). It allows for piping, so I can generate the commands needed dynamically, and evaluate outputs, all in one go.

Like
(echo MyLogin
 echo MyPwd
 get memory
) | nc -t 10.0.0.1 -i 1 | findstr "memory" > logfile.txt


0
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 24439790
Hi,

Why don't you use SNMP for monitoring your Netscreen? Then using any NMS you can get the values.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 24439814
It depends on the set of commands used if you can monitor via SNMP. Many things are not exposed to SNMP, like VPN tunnel traffic. And in the memory area I guess it's similar.
0
 
LVL 2

Author Closing Comment

by:wingkchan
ID: 31592778
Thanks for your suggestion.  However I didn't get to try out your way, because the supporting vendor recommend us to use a software care SecureCRT.  We downloaded the trialware and did some testing. This programs allows calling of vbscript, and schedule to run at defined interval... so every 10 minutes or so, we can run some "get" commands and output them to a file.  It'sworks fine.  Thanks for your input.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses
Course of the Month18 days, 8 hours left to enroll

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question