See documentation for basic Q&A and troubleshooting. You can always contact us under this e-mail address: support@f-deets.com

 

FAQ:

 

My internal certificates expired, how to update them?

1. Get new certificates here.

2. Stop all f-deets services

3. Copy ca.pem certificate to client/ directory, copy server.pem and client.pem certificates to serverCertificates\ directory.

4 Restart f-deets services

 

How to setup syslog logging on the SSG (under ScreenOS)?

The description below is based on the latest ScreenOS manual, however it should be appliable to later ScreenOs versions too.


GUI (example):

1) Using the menu: Configuration > Report Settings > Syslog:

2) Enter the following, then click Apply:

  2.1)  Enable syslog messages: Select this option to send logs to the specified syslog servers.
  2.2)  No.: Select 1, and optionaly 2, and 3 to indicate your syslog servers.
  2.3)  IP/Hostname: 1.1.1.1, 2.2.2.1, 3.3.3.1
  2.4)  Port: 514 (standard for UDP)
  2.5)  Security Facility: Local0, Local0, Local0
  2.6)  Facility: Local0, Local0, Local0
  2.7)  Event Log: (select)
  2.8)  Traffic Log: (select)
  2.9)  TCP: select if you want to use syslog over TCP, leave unselected by default

syslog menu

3) You can setup logging details  under menu: Configuration > Report Settings > Log Settings

4) Please note that regardless of the above settings you must enable logging for each policy rule

policy rule

"Edit" policy rule to change log setting.

Enable logging for relevant rules.

CLI

The following example shows how to setup TCP syslog on 3 servers:

set syslog config 1.1.1.1 port 1514
set syslog config 1.1.1.1 log all
set syslog config 1.1.1.1 facilities local0 local0
set syslog config 1.1.1.1 transport tcp
set syslog config 2.2.2.1 port 2514
set syslog config 2.2.2.1 log all
set syslog config 2.2.2.1 facilities local0 local0
set syslog config 2.2.2.1 transport tcp
set syslog config 3.3.3.1 port 3514
set syslog config 3.3.3.1 log all
set syslog config 3.3.3.1 facilities local0 local0
set syslog config 2.2.2.1 transport tcp
set syslog enable
save

I can not run the client.
If you are experiencing problems running the client, ensure you have .net 3.5 installed. Make sure there you didn't delete any dll's from fdeets/client directory. You might also try reinstalling the program.

The client starts, but it tells me that I do not have a license. How can I get one?
Visit http://www.f-deets.com/ to obtain an evaluation or demo license

The client starts, but I can not connect to the server.
Ensure the connection is properly configured. Check if the FdeetsConnectionDaemon service is started. Ensure proper certificate files are in the client directory.

I think I connected to the server, but what to do next?
Create a new view. For a start, enter all as a name and select all columns. The view will appear below the connection entry. Double click it and a log view window will appear.

There are no entries in the log view window
Ensure you have configured your network devices so they send messages to the machine F-Deets is installed on. Ensure the fdeets/syslog/logs directory is added to server log directories. Try to choose 1 day instead of 15 minutes in the time span selection.

Still there are no entries, I think that nothing is (sys)loged to the server
Check the syslog/logs directory - check if a log file is present, if events are logged this file should grow. If no events are logged check if your syslog settings on the SSG box are correct - note that syslog by default uses UDP protocol and port 514.