Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Hyperscale Firewall Guide

    Home FortiGate / FortiOS 7.6.1 Hyperscale Firewall Guide
    7.6.1
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.6
    6.2.9
    6.2.7
    6.2.6

    Interim logging for CGN sessions

    Interim logging for CGN sessions

    You can configure hyperscale CGN resource allocation IP pools to cause hyperscale hardware logging to send interim log messages. Normally hyperscale hardware logging only sends log messages at the start or end of a session or both, depending on the logging mode. In some cases, for example for very long lived sessions, you might want to able to send log messages for a session while it is active. Interim logging is compatible with all types of CGN IP Pools.

    In a hyperscale VDOM, you can use the pba-interim-log firewall IP Pool option to configure interim logging:

    config firewall ippool

    edit <name>

    set type cgn-resource-allocation

    set pba-interim-log <log-interval>

    end

    <log-interval> is the number of seconds between sending log messages in the range 600 to 86400 seconds. The default value of 0 disables interim logging.

    Interim logging is supported by the NP7 hardware log module (hardware) and by host hardware logging (host). Interim logging is also compatible with per-session, per-mapping, and per-session ending logging modes and works with the NetFlow and syslog log formats. For per-session ending logging mode, if interim logging is also enabled a log message is sent when the session starts, at the interim logging time intervals, and when the session ends.

    For more information about hardware logging see: Hardware logging.

    Previous
    Next

    Interim logging for CGN sessions

    Interim logging for CGN sessions

    You can configure hyperscale CGN resource allocation IP pools to cause hyperscale hardware logging to send interim log messages. Normally hyperscale hardware logging only sends log messages at the start or end of a session or both, depending on the logging mode. In some cases, for example for very long lived sessions, you might want to able to send log messages for a session while it is active. Interim logging is compatible with all types of CGN IP Pools.

    In a hyperscale VDOM, you can use the pba-interim-log firewall IP Pool option to configure interim logging:

    config firewall ippool

    edit <name>

    set type cgn-resource-allocation

    set pba-interim-log <log-interval>

    end

    <log-interval> is the number of seconds between sending log messages in the range 600 to 86400 seconds. The default value of 0 disables interim logging.

    Interim logging is supported by the NP7 hardware log module (hardware) and by host hardware logging (host). Interim logging is also compatible with per-session, per-mapping, and per-session ending logging modes and works with the NetFlow and syslog log formats. For per-session ending logging mode, if interim logging is also enabled a log message is sent when the session starts, at the interim logging time intervals, and when the session ends.

    For more information about hardware logging see: Hardware logging.

    Previous
    Next