IPv6 addresses in logs are hidden or cut [solved]
Options
FrankLauer
Posts: 49 Freshman Member
When I receive mail log the IPv6 address is always cut to about 20 chars.
Like that I can't identify the source of problems. I can't see the full address nor ports.
1 2021-02-08 09:26:58 2a01:****:****:9a50:61 2600:****:5306:7300:: <br> warn sessions-limit ACCESS BLOCK
When I open a log file from USB stick, the IPv6 address is empty at all.
2021-02-08 09:26:58, , , warn ,sessions-limit ,ACCESS BLOCK , vlan50 , , , Maximum sessions per host6 (2000) was exceeded.<br>
0
Accepted Solution
-
0
All Replies
-
Well, this forum doesn't let me insert plain text very well.Here again the log lines from mail and USB stick.1 2021-02-08 09:26:58 2a01:****:****:9a50:61 2600:****:5306:7300::
warn sessions-limit ACCESS BLOCK2021-02-08 09:26:58, , , warn ,sessions-limit ,ACCESS BLOCK , vlan50 , , , Maximum sessions per host6 (2000) was exceeded.
0 -
Hi @FrankLauer
You can try to enhance session limit:
https://support.zyxel.eu/hc/en-us/articles/360001390354-Connection-is-slow-drops-sometimes-on-USG-what-could-it-be-Session-Limit-
Let me know if it works or not.
Kind Regards,
Tobias0 -
Thanks for reply, but the question was how to show the full IPv6 addresses in logs.In log mails they are cut, on USB stick they are hidden (blank) at all.Additionally I saw today that in the traffic log files the IPv6 traffic is missing at all.0
-
HI Frank,
it maybe GDPR related, due to some logs may (during initial Phase) are half anonymous.
Can I create a Support Ticket on that for you?
Our Team will look into solution for you then. Let me know if I can use your mail address.
Thanks.
Kind Regards,
Tobias0 -
Please open a support ticket.The IPv4 addresses are also fully visible. In a security device GDPR shouldn't have priority. Common practice is to offer a setting which allows different options to save addresses (hidden,limited,full).
But as I just added in above comment, in traffic log (on USB stick) I miss IPv6 traffic at all.
0 -
Hi @FrankLauer
Thanks, someone from our Support Team will contact you soon to figure it out.
Kind Regards,
Tobias0 -
Hi @FrankLauerYou can upgrade to V4.62WK02 firmware and to see if this symptom still appears.Thanks.0
-
I managed to upgrade today to 4.62(AAPI.0) on the USG210.But still no difference.Mail log:128 2021-02-21 09:38:22 2001:16b8:xxxx:1600:c29:2e06:db05:8d60: 2a01:xxxx:xxxx:9a50::65:443
alert secure-policy ACCESS BLOCK
Match default rule, DROP- On the first IPv6 address the port is missing because the string size is limited.System log on USB:2021-02-21 09:38:22, , , alert ,secure-policy ,ACCESS BLOCK , wan1 ,wan1 ,tcp , Match default rule, DROP- The IPv6 addresses are missing completely.
0 -
0
-
Today I installed the firmware V4.62(AAPI.0)ITS-WK02-r98140 and as far as I can see, it's fixed. Thank you very much.
1
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight