[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Capturing Firewall System Health

Posted on 2009-05-20
4
Medium Priority
?
253 Views
Last Modified: 2012-05-07
Hi Experts,

Recently we discovered that a Netscreen Firewall we have in our office that connects to another site was getting problems.  The connection breaks every once in a while, and we have to reboot the Netscreen to get it back working.

We contacted a support vendor and which they lent us another same model firewall for temporary replacment... all went smoothly for more than a week.  The vendor check ours and they found no problems in their lab.  So they returned it back to us.

Hoping to isolate and determine the cause of trouble, the supporting vendor sent us a few command to run on the firewall regularly to capture the FW's status.  I am trying to figure a way to run this with a notepad that connects as a console, and dump the command results for storage.  I think of using Putty to telnet through the serial port to do that... but not so certain as how to come up with the batch file that would call putty to connect.  Does anyone know if this is a good way to run script off the firewall to dump status?  or is there any better way of doing it?  

I am running something like:
> c:\putty.exe -telnet 10.0.0.1 -l username -m input.txt
where:
-telnet 10.0.0.1  specifies the protocol and IP
-l : the user account to use
-m : the input file that contains the feed-in commands

Thanks very much
-telnet : specifies it'll be a telnet
0
Comment
Question by:wingkchan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 71

Accepted Solution

by:
Qlemo earned 1500 total points
ID: 24430568
Telnet or SSH are the only ways to do regular jobs on NetScreen. With SSH and a certificate, you even could automate it in the way that you do not have to authenticate - fully automated batch file, that way.

What I use is netcat (in a slightly modifed variant). It allows for piping, so I can generate the commands needed dynamically, and evaluate outputs, all in one go.

Like
(echo MyLogin
 echo MyPwd
 get memory
) | nc -t 10.0.0.1 -i 1 | findstr "memory" > logfile.txt


0
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 24439790
Hi,

Why don't you use SNMP for monitoring your Netscreen? Then using any NMS you can get the values.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 24439814
It depends on the set of commands used if you can monitor via SNMP. Many things are not exposed to SNMP, like VPN tunnel traffic. And in the memory area I guess it's similar.
0
 
LVL 2

Author Closing Comment

by:wingkchan
ID: 31592778
Thanks for your suggestion.  However I didn't get to try out your way, because the supporting vendor recommend us to use a software care SecureCRT.  We downloaded the trialware and did some testing. This programs allows calling of vbscript, and schedule to run at defined interval... so every 10 minutes or so, we can run some "get" commands and output them to a file.  It'sworks fine.  Thanks for your input.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question