Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Configuration of Syslog from Zyxel Firewall
- Customer Success & Engineering (Unlicensed)
Overview
Zyxel VPN Firewalls Highly secure and robust VPN for excellent multi-site connection. Utilizing networks to access internal and external mission-critical applications is common and essential for small and medium-sized businesses.
Seceon takes Syslog using Zyxel Firewall on UDP port 514. So, the UDP Port 514 needs to be allowed from the firewall. This document will guide the steps to integrate the Zyxel firewall into Seceon CCE.
Steps of Configuration
Step1. Login to the firewall as the administrator role.
Step 2. Click on Site Wide as shown in the screenshot below.
Step 3. Click on the General setting (as shown in the screenshot below).
Step 4. After navigating to the general setting, you will be redirected to a page.
>>Scroll down the page till Reporting (Highlighted in bold rectangular box)
>>After that click on add (Highlighted in bold rectangular box) and fill in the Server IP (Highlighted in bold rectangular box) and select the Types of log (Security Application Traffic Log and Security Appliance log)
The configuration is done.
Verification
Through UI
STEP1: Login to UI >> SYSTEM>> LOGS AND FLOWS COLLECTION STATUS .
STEP 2: >> LOGS AND FLOWS COLLECTION STATUS .
STEP 3: >>Inside SOURCE DEVICE IP, IP will reflect.
Through CCE server
Run the below command on CCE server
sudo tcpdump -i any portv 514 and host <IP of firewall and enter>
Seceon Inc. All rights reserved. https://www.seceon.com