H3C Technologies H3C SecPath F1000-E User Manual
Page 94
83
Figure 30 User logging
Table 14 Configuration items
Item Description
Version
Set the version of user logging: 1.0 or 3.0.
IMPORTANT:
Configure the user logging version according to the capacity of the log receiving
device. If the log receiving device does not support user logging of a certain version,
the device cannot resolve the logs received.
Log Timestamps
Configure the system to record user logs in localtime or UTC.
Source IP Address of
Packets
Set the source IP address of user logging packets.
After the source IP address is specified, when Device A sends user logs to Device B,
it uses the specified IP address instead of the actual egress address as the source IP
address of the packets. In this way, although Device A sends out packets to Device
B through different ports, Device B can judge whether the packets are sent from
Device A according to their source IP addresses. This function also simplifies ACL
and security policy configurations. If you specify the same source address as the
source or destination address in the rule command in ACL, the IP address variance
and the influence of interface status can be masked to filter user logging packets.
H3C recommends using the IP address of the loopback interface as the source IP
address of user logging packets.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS