How to - Configure your NetWall to send logs to Cloud Services

Last modified on 7 Feb, 2024. Revision 7


This guide describes how to configure your on-prem NetWall firewall to work with the Cloud Services Log Ingestion add-on.

The guide uses our example company ShieldIT as <company_name> throughout the steps.



Set up your NetWall firewall

The NetWall firewall configuration provided in the following instructions enables your firewall to forward the log traffic it generates to the Cloud Services via an IPsec tunnel. The IPsec tunnel and all its related routing configuration use the virtual routing capabilities in NetWall to isolate them from the current firewall setup and avoid any potential routing conflicts.

The easiest way is to use the script downloaded from the Cloud Services, which is created when enabling the Log Ingestion add-on. If that script is lost, you can use this template script and modify it according to the instructions below: sase_incenter_logging_configs.sgs

Modifying the template script

Edit the script file downloaded above with your favorite text editor.


Change the following values to the values provided to you by Clavister. Values that require change are marked as <change me>:

  • IP4Address sase_ic_logging_ip Address=<change me>
  • PSKHex=<change me>

Example:

  • IP4Address sase_ic_logging_ip Address=10.223.11.12
  • PSKHex=3ccb660224092b7042ebc49bb4d3a91480e9f950a05420bf154f1b124345f0044739a9d018f93234f7e1b527a556347deb64ae6f1f2470a9cdab15c84577044a


Change the following value to a NetWall IPv4 address object that corresponds to a local user network address behind the firewall (e.g. LAN Network):

  • LocalNetwork=<change me>

Example:

  • LocalNetwork=InterfaceAddresses/LAN1_net


Avoid using an address from the CIDR range 172.20.1.0/26 for this object.
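A pre-import check for the edited script, added here as an example and not part of Clavister's tooling: it flags leftover <change me> placeholders, a malformed logging IP or PSK, and a literal LocalNetwork that overlaps 172.20.1.0/26. It assumes the three settings appear unquoted as in the fragments above; check_script and the sample strings are hypothetical names and constructed data, and a named address object cannot be resolved offline, so it is accepted as-is.

```python
import ipaddress
import re

# Range the guide says to avoid for the LocalNetwork object.
RESERVED = ipaddress.ip_network("172.20.1.0/26")
VALUE = r"(<change me>|\S+)"
# Patterns cover only the fragments shown in the guide, not the full script syntax.
FIELDS = {
    "sase_ic_logging_ip": re.compile(r"IP4Address\s+sase_ic_logging_ip\s+Address=" + VALUE),
    "PSKHex": re.compile(r"PSKHex=" + VALUE),
    "LocalNetwork": re.compile(r"LocalNetwork=" + VALUE),
}

def _invalid(name, value):
    """Return a reason string if value is unusable for this field, else None."""
    if name == "sase_ic_logging_ip":
        try:
            ipaddress.IPv4Address(value)
        except ValueError:
            return "not a valid IPv4 address"
    elif name == "PSKHex":
        if not re.fullmatch(r"(?:[0-9A-Fa-f]{2})+", value):
            return "not an even-length hex string"
    elif name == "LocalNetwork":
        try:
            net = ipaddress.IPv4Network(value, strict=False)
        except ValueError:
            return None  # named address object; cannot be resolved offline
        if net.overlaps(RESERVED):
            return f"overlaps {RESERVED}"
    return None

def check_script(text):
    """Return a list of problems; values (including the PSK) are never echoed."""
    problems = []
    for name, pattern in FIELDS.items():
        match = pattern.search(text)
        if match is None:
            problems.append(f"{name}: setting not found")
        elif match.group(1) == "<change me>":
            problems.append(f"{name}: still <change me>")
        elif (reason := _invalid(name, match.group(1))):
            problems.append(f"{name}: {reason}")
    return problems

# Constructed sample inputs (not real credentials or a full script).
SAMPLE_OK = ("IP4Address sase_ic_logging_ip Address=10.223.11.12\n"
             "PSKHex=00112233445566778899aabbccddeeff\n"
             "LocalNetwork=InterfaceAddresses/LAN1_net\n")
SAMPLE_BAD = ("IP4Address sase_ic_logging_ip Address=<change me>\n"
              "PSKHex=3ccb66zz\nLocalNetwork=172.20.1.16/28\n")
```

Run check_script on the file contents before uploading; an empty list means the three edited settings are well-formed.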



Importing and applying the script

Navigate to Status → Maintenance → Import Script

Click on Browse…, then select and upload the script file edited and saved in the previous step.

You should get the following message:

Success! Execution completed successfully. You can now review and activate your new configuration.

Troubleshooting


Check the tunnel status by navigating to: Status → IPsec



Done.
