Where to find FW logs
Hi all,
I recently replaced a Firewalla with an ER605v2 because the Firewalla died and the rest of my network is Omada (OC200, SG2016P, EAP660HD, etc.)
I have 2 VLANs configured, Main (Vlan 1) and IoT (Vlan 200). I've created a rule to block all ports from IoT to Main which is working fine.
I'd like to see for example that IP 192.168.200.4 tried to communicate with 192.168.1.25 on port 80 but it was blocked.
Where can I find what it is actually blocking (and as I add more FW rules, what it is allowing through)?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Believe it or not, it's currently not possible for us mere end customers.
I've been told it's available in MSP mode (network managed by 3rd party) and that TP-Link is looking at expanding support...
- Copy Link
- Report Inappropriate Content
@EricPerl really? I would consider that one of the most basic capabilities of a router/firewall.
- Copy Link
- Report Inappropriate Content
You and me both... See:
Logging & Monitoring of ACL rules - Business Community (tp-link.com)
Some of the attack/defense built-in rules generate log entries.
All of but one kind as information about the source...
You get: Router detected TCP SYN-and-FIN packets attack and dropped 1 packets.
The one that contains source information is a "Ping attack" so I now know that I'm attacked by my Ring Camera on the LAN side (LOL).
- Copy Link
- Report Inappropriate Content
@EricPerl What is "MSP mode" that you mentioned?
- Copy Link
- Report Inappropriate Content
Per Controller documentation:
MSP (Managed Service Provider) mode allows you to know the status of your customers at a glance, and manage customers in the Omada platform.
As I understand it, it applies to cases where a 3rd party manages your network.
You can't even enable it with a HW controller. I guess the controller is somewhere in the cloud in that case.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 204
Replies: 5
Voters 0
No one has voted for it yet.