Support Center > Search Results > SecureKnowledge Details
Centrally Managed 1100 appliance does not send logs to the Security Management Server
Symptoms
  • SmartView Tracker does not show logs from the Centrally Managed 1100 appliance.

  • Output of 'netstat -an' command on 1100 appliance shows that TCP connection to Security Management Server is in state "Time_Wait".

  • sfwd debug shows:
    [sfwd PID]@Host[DATE TIME] log_async_try_connect: try to connect to server [IP address]
    [sfwd PID]@Host[DATE TIME] connect_to_remote_server: Will try to connect to [IP address]
    [sfwd PID]@Host[DATE TIME] log_async_try_connect: Trying to connect to server
    [sfwd PID]@Host[DATE TIME] fwclient_do_connect_e: server [IP address] port 257 sicname N/A
    [sfwd PID]@Host[DATE TIME] fwclient_do_connect_e: hostname [IP address] hostsicname N/A addr fc8cf35e
    [sfwd PID]@Host[DATE TIME] fwclient_do_connect_e: addr [IP address]
    [sfwd PID]@Host[DATE TIME] fwclient_do_connect_ei: sic name for server 3b36c30 is NULL.
    
Cause

The fw-loader was over-optimization of network object which appear in the rulebase (they can also appear inside groups).


Solution
Note: To view this solution you need to Sign In .