Remote Log Control
Using the VPN Gateway Firewall rules, you can define rules with specific parameters which will result in network packets being accepted or rejected (dropped) and logged to the system log file.
The logged packets can be sent to a remote server using the syslog facility. Due to the potentially sensitive nature of syslog packets, this feature is only supported when the syslog server is accessed through an IPSec tunnel. If the syslog server is defined on the Internet, or the IPSec tunnel is not active, packets will not be forwarded.
The remote logging service can also be configured for specific VLAN local IP addresses or loopback addresses anchored on the VPN Gateway. This ensures that all syslog packets use the IP addresses configured for the VLAN or loopback interfaces, providing an easier configuration for enterprise firewall management.