Home » Kerio User Forums » Kerio Control » Logging/Alert Anomaly (Alerts + Logs + GeoIP Filter)

Messages: 285
Karma: 59
Send a private message to this user
I have configured my Control appliance to Alert me via email when an IPsec VPN is attempted and when a VPN Client is admitted. I also have set Traffic Rules to log IPsec access.

Last night I received an Alert via email, but there is no record from logging of any activity (Debug, Error, Connection, Filter). It also came from an IP that GeoIP should have blocked (which it might and could have lead to the anomaly). Essentially, I have GeoIP blocking everything but one country (home country).

Obviously, for a security device, logging is a rather critical component you would like to trust.

Is there some behavior that GeoIP is introducing that can account for the logging discrepancies?
Previous Topic: Snmp Monitoring of firewall running KerioOS 8.x or later
Next Topic: NG300W
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Jan 16 15:55:54 CET 2019

Total time taken to generate the page: 0.76615 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.