View activity on address objects
Freshman Member
Hi,
We've got an api that creates address object and places them in an address group which has a NAT rule.
What I would like to know is if its possible to view which address object that are hit within a certain range of time.
So is it possible to pull this information out of the Zyxel USG1100?
Since the device only handles 2000 objects and we've got a bunch of "dead" objects (we just don't know which ones) we would like to locate these and delete them.
Best regards
CompuSoft
We've got an api that creates address object and places them in an address group which has a NAT rule.
What I would like to know is if its possible to view which address object that are hit within a certain range of time.
So is it possible to pull this information out of the Zyxel USG1100?
Since the device only handles 2000 objects and we've got a bunch of "dead" objects (we just don't know which ones) we would like to locate these and delete them.
Best regards
CompuSoft
0
Accepted Solution
-
Hello CompuSoft,
You can go to traffic statistics to confirm which certain IP is used recently, so you will know what is "dead" object, and delete it.
Enable Collect Statistics, and press Apply.
However, just let you know that the device maximum can handle 20 records, so flush data every time after you check the list.
Charlie5
Zyxel Employee
All Replies
-
Hello CompuSoft,
If you want to know which address object is used or not, check up reference filed on address list.
When the value of reference is 0, which means it’s a “dead” object. Also, the “dead” objects can be deleted at once.
Charlie0 -
Hi Charlie,
Thank you for your response, unfortunately its not that kind of "dead" objects that I meant.
We have alot of hosting customers that can whitelist their own public ips in our firewall thru our API, so that they can access thir hosted server.
Unfortunately some of them are on dynamic ips and when they get a new ip they whitelist that one but the old one still remains.
So I was looking for a way to see if a certain ip still tries to connect to our firewall, and if it haven't connected during 2-3 weeks then I could delete the address object associated with that IP.
0 -
Maybe you could use the log to see what ones are active to ones that are not?
0 -
Hello CompuSoft,
You can go to traffic statistics to confirm which certain IP is used recently, so you will know what is "dead" object, and delete it.
Enable Collect Statistics, and press Apply.
However, just let you know that the device maximum can handle 20 records, so flush data every time after you check the list.
Charlie5
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
