The SBG6400Â Gateway can send firewall attack reports out to a standard Syslog server, so that many instances can be logged over some time. Â There are four types of logs as followed:
- Permitted Connections - Allows the server to e-mail logs of who is connecting to the network.
- Blocked Connections - Allows the server to e-mail logs of who is blocked from connecting to the network.
- Known Internet Attacks - Allows the server to e-mail logs of known Internet attacks against the network.
- Product Configurations Event - Allows the server to e-mail logs of the basic product configuration event logs.
The Firewall Remote Log is not enabled by default. This document describes how to enable and configure the Firewall Remote Log.
NOTE 1: The Syslog server must be on the same network on the LAN (Local Area Network) behind the Gateway (typically 192.168.0.x).
NOTE 2: The Syslog server must be configured and running to receive log entries from the SBG6400 Gateway. Please refer to the manufacturer's documentation for assistance.
To Enable Remote Log
- Launch a Firefox or Safari browser.  Enter http://192.168.0.1 into the address box, and press the Enter key. Â
NOTE: A browser message on Chrome, Edge, Firefox, and Opera, may appear when accessing the Web Manager.  The message includes 192.168.01 uses an unsupported protocol and ERR_SSL_VERSION_OR_CIPHER_MISMATCH.  The Web Manager uses an earlier version of the TLS protocol and does not match the version allowed by the web browser.  Safari browsers on Apple PC and mobile devices are not impacted.  The workaround to access the Web Manager with a PC is to use the Firefox browser and set the TLS version to 1.  For workaround instructions refer to article # 19435 - 192.168.0.1 uses an unsupported protocol.
 - A security or private risk alert may appear on the web browser advising users to proceed with caution when accessing the Web Manager.  There is no risk in proceeding to the Web Manager.  For instructions to bypass the alert screen, refer to article # 18181 - Alert Message for Web Manager Access.
 - On the Login page, enter admin or a customized username in the Username field.
 - Enter password or a customized password in the Password field.
NOTE: On later versions of the SBG6400, the Wi-Fi Security Key is used as the default admin password printed on the bottom white label. For assistance with Web Manager Access, refer to article # 18730 – SBG6400: Web Manager Access.
 - Click the Login button. The Home page will appear.
 - Move the mouse cursor over the Firewall tab and select the Remote - Log from the drop-down submenu. The Firewall - Remote Log page will appear.
 - On the Firewall - Remote Log page:
a.   Permitted Connections - Check the box to select the log.
b.   Blocked Connections - Check the box to select the log.
c.   Known Internet Attacks - Check the box to select the log.
d.   Product Configurations Event - Check the box to select the log.
NOTE: Normally the IP address of the Syslog server should be hard-coded so that the address does not change and always agrees with the entry on this page.
e.   to Syslog server at 192.168.0. -  Enter the last digit of the Syslog server's IP address.
f.  Click the Apply button to save settings.