View activity on address objects

CompuSoft
CompuSoft Posts: 4  Freshman Member
First Comment Friend Collector First Anniversary
edited April 2021 in Security
Hi,
We've got an api that creates address object and places them in an address group which has a NAT rule.
What I would like to know is if its possible to view which address object that are hit within a certain range of time.

So is it possible to pull this information out of the Zyxel USG1100?
Since the device only handles 2000 objects and we've got a bunch of "dead" objects (we just don't know which ones) we would like to locate these and delete them.

Best regards
CompuSoft

Accepted Solution

All Replies

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    50 Answers 500 Comments Friend Collector Fourth Anniversary
    edited November 2017

    Hello CompuSoft,

    If you want to know which address object is used or not, check up reference filed on address list.

    When the value of reference is 0, which means it’s a “dead” object. Also, the “dead” objects can be deleted at once.



    Charlie
  • CompuSoft
    CompuSoft Posts: 4  Freshman Member
    First Comment Friend Collector First Anniversary
    Hi Charlie,
    Thank you for your response, unfortunately its not that kind of "dead" objects that I meant.
    We have alot of hosting customers that can whitelist their own public ips in our firewall thru our API, so that they can access thir hosted server.
    Unfortunately some of them are on dynamic ips and when they get a new ip they whitelist that one but the old one still remains. 
    So I was looking for a way to see if a certain ip still tries to connect to our firewall, and if it haven't connected during 2-3 weeks then I could delete the address object associated with that IP.

  • PeterUK
    PeterUK Posts: 3,389  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Maybe you could use the log to see what ones are active to ones that are not?

Security Highlight