Inquiry

Please check FAQ before contact us to solve quicker.

  •  In Managed Firewall / UTM log analysis function, please tell me the meaning of each item displayed in the field of Raw log.ECL2.0, Network-based Security / Operation, Specification

    The main items in the Raw log and their meanings are as follows.

    1.The meaning of each item displayed in the field of Raw log.

    ItemMeaning of item
    type =Displays the type of log.

    For traffic logs, [type = traffic] is displayed. For security logs, [type = utm] is displayed.

    subtype =Displays the type of log.
    For traffic logs, [subtype = forward] is displayed. For security logs, UTM functions detected [subtype = ips etc.] are displayed.
    srcip =Displays the source IP address.
    srcintf =Displays the interface for which communication has been entered (received) on the Managed Firewall / UTM.
    dstip =Displays the destination IP address.
    dstintf =Displays the interface for which communication has been output (sent) on Managed Firewall / UTM.
    proto =Displays the protocol number described in the IP header.
    ICMP: [proto = 1], TCP: [proto = 6] and UDP: [proto = 17].
    action =Displays the process result of the corresponding communication in Managed Firewall / UTM.
    When communication is permitted, UDP / ICMP: [action = accept] and TCP: [action = close].
    # When TCP communication ends, the log is output as [action = close].
    policyid =Displays the Policy ID of Firewall Policy that matched communication with Managed Firewall / UTM.
    trandisp = dnatDisplayed when SourceNAT or DestinationNAT is applied.
    For SourceNAT, [trandisp = snat] is displayed. For DestinationNAT, [trandisp = dnat] is displayed.
    tranip =Displays the IP address translated when Destination NAT is applied.
    tranport =Displays the port number (translated by Port Forward) when Destination NAT is applied.
    # If you do not set Port Forward, the destination port will be displayed as [tranport =].
    duration =Displays the time (in seconds) from the start of communication to the end.

    Reference: Tutorials – Managed Firewall / Managed UTM – Log Analytics

    Is this page helpful?

    Yes No
  •  Is it possible to use asymmetric communication (communication in which traffic go and return are separate routes)?ECL2.0, Logical Network / Construction, Specification

    In Enterprise Cloud 2.0, asymmetric communication may not be able to communicate.

    Please design so that traffic going and returning are symmetric communication with the same route.

    Target menu

    · Virtual server

    · Firewall

    · Load balancer

    · Network type security  

     

    Asymmetric communication example 1

    When multiple interfaces are used, partial communication may be asymmetric communication.

    Please add individual static routes and design to be symmetric communication.

     

    Asymmetric communication example 2

    When VRRP redundancy is performed with multiple interfaces, if the VRRP state (Master / Backup) is different Transit communication is asymmetric communication.

    Make VRRP statuses consistent and design to be symmetric.

    Please refer to the tutorial for detailed configuration example of firewall / load balancer.

     

    Asymmetric communication example 3

    If you use the DSR (Direct Server Return) function on the load balancer, the return communication will cause the load balancer Since it does not pass through, it becomes asymmetric communication.

    Please do not use the DSR function and design it as target communication.

    Is this page helpful?

    Yes No
  •  When I execute “slmgr /ato” in OS license activation of Windows, Error code: 0xC004F074 appears.Dedicated Hypervisor, ECL2.0, Guest Image / Construction, Specification

    When the synchronization with NTP server doesn’t work, Error code: 0xC004F074 may appear and license activation may fail.

    After you confirm the synchronization with NTP server, please execute “slmgr /ato” again.

    Tutorial – License activation for Windows Server

    Tutorial – Common Function Gateway

    Is this page helpful?

    Yes No
  •  When restarting right after configuring the interface or volume, encounter that the volume goes offline or the device name of the interface has been changedECL2.0, Virtual Server / Operation

    There is a possibility that the following event will occur if you perform specific target operation.
    We will inform you what to do when each event occurs.

    Target operation

    Performing off / on (* 2) (including rebooting with HA) after adding / deleting interfaces and attaching / detaching the volume (* 1).

    * 1. We recommend adding / deleting interfaces, attaching / detaching volumes with the instance “stopped”, and confirming after startup.
    * 2. Performing shut down on the OS, confirm that the status of the instance has stopped, and then start the instance with the portal or API. (Please note that “reboot” on OS is not effective as this action.)

    Recommended operation
    1. Stop the instance(OS shutdown would be recommended)
    2. Add/delete the interface or attach/detach the volume
    3. Start the instance
    4. Confirm the status of the interface or the volume
        4-1 Whether the correspondence between the device name of the interface and IP address is correct, or not
            -> If it is not correct, follow the steps described below in “Event and Workaround”.
        4-2.Whether the volume is online(Windows) or mounted properly(Linux), or not
            -> If it is not correct, follow the steps described below in “Event and Workaround”.
    Once you perform off / on (* 2), these issues never occur again unless you newly add/delete the interface or attach/detach the volume.
    # After you perform the above recommended operation, if you newly add/delete the interface or attach/detach the volume, the issues might occur again. In that case you need to follow the steps described below in “Event and Workaround” again.
    # The above is the specification of OpenStack.

    Event and Workaround

    Windows Series

    1. If the DHCP function of the connected logical network is disabled and a fixed IP address is set, the correspondence between the device name of the interface and the IP address may be replaced with another logical network connected .
    The correspondence between the device name of the interface and the IP address can be confirmed by the following procedure.
    · Check the fixed IP address assigned to each logical network on the portal “cloud computing” -> “server” -> “virtual server”> – “instance” screen
    · Click the name of the logical network on the “Network” -> “Logical Network” screen of the portal and check the MAC address of the logical network to be connected in “Port” field
    · Access instances to the console and check the fixed IP address set for each MAC address on the “Network and Sharing Center” screen of the control panel to see if it is consistent with the display on the portal.

    * Workaround
    Please reset the correct static IP address from the “Network and Sharing Center” screen of the control panel.
    * We recommend that DHCP of logical network be enabled unless there is a special reason to use your own DHCP server.

    2. The state of the connected volume may be offline.
    The status of the volume can be confirmed from “File service and storage service” -> “volume” -> “disk” of the server manager.

    * Workaround
    In the Server Manager’s “File Service and Storage Service” -> “Volume” -> “Disk” screen, right click on the volume and select “Bring Online” to bring it online. (See the figure below)

    Linux Series

    1. If the DHCP function of the connected logical network is disabled and a fixed IP address is set, the correspondence between the device name of the interface and the IP address may be changed.
    The correspondence between the device name of the interface and the IP address can be confirmed by the following procedure.
    · Check the fixed IP address assigned to each logical network on the portal “cloud computing” -> “server” -> “virtual server”> – “instance” screen
    · Click the name of the logical network on the “Network” -> “Logical Network” screen of the portal and check the MAC address of the logical network to be connected in “Port” field
    · Access the instance on the console, check the fixed IP address set for each MAC address by ifconfig, and check whether it is consistent with the display on the portal

    * Workaround
    Please reset the correct static IP address.
    <Ubuntu Series>
    Edit `/etc/network/interfaces`, set the correct static IP address, and execute `service networking restart`.
    <CentOS Series>
    Edit `/etc/sysconfig/network-scripts/ifcfg-ethx`, set the correct static IP address, then execute `service network restart`. (※ ethx depends on the interface name for setting fixed IP address)

    * We recommend that DHCP of logical network be enabled unless there is a special reason to use your own DHCP server.

    2. If you do not add the reboot mount setting in / etc / fstab, the mounted volume will be unmounted.
    A list of mounted devices can be checked with the `df` command or the `mount` command.

    * Workaround
    Please mount the volume again with the `mount` command.
    In terms of Linux specifications, volumes will be unmounted each time it is restarted unless you add mount settings to `/etc/fstab` so please be sure to add mount settings in advance.

    Is this page helpful?

    Yes No
  •  When connecting the console of virtual server,there might be some keyboard layout differences.What to do in such case?ECL2.0, Virtual Server / Construction, Specification

    When you attach the Virtual Server Instance from the Console which is shown on the control panel by using any Japanese keyboard (JIS keyboard). The settings of some JIS keyboards have been different from the one of standard keyboards.

    This causes by the respective scopes. Therefore, you are required to execute this task. The following is the picture of standard keyboard.

    Furthermore, after you have configured “sshd config” (“Remote Desktop” for Windows) settings at the initial startup (this is “launch”) of the Virtual Server, you need to attach the respective Instances with “SSH” (“RDP” for Windows) when utilizing it normally.

    If you select “Standard (US) keyboard” when using the English one, you have no problem to operate it.

     

    faq_virtual_server_keyboard_01

    NOTE: Please use shift key to input respective symbols which are shown on upper-side for each key as the above picture.

     

    <Reference>
    When you use JIS keyboard, please refer to below procedures to input some symbols.
    # Please note that below procedures may not be available due to OS versions.

    1. “@”

    Linux series
    Change the key map with the below command and input “[“.

    localectl set-keymap jp106
    [How to return the key map setting]
    localectl set-keymap us

    # When you execute ssh command, you do not have to use “@” by using -l option.
    ssh -l <username> <IP address of the server>

    2. “:”

    Linux series
    Change the key map with the below command and input “.”.

    localectl set-keymap fr
    [How to return the key map setting]
    localectl set-keymap us

    # In vi editor, you can input “:” by “Shift + Q”.
    # You can also input “:” by “Shift + Ctrl + :”

    3. “=”

    Linux series
    Change the key map with the below command and input “Shift + \(backslash)”.

    localectl set-keymap jp106
    [How to return the key map setting]
    localectl set-keymap us

    <Reference>
    When you use Windows OS, screen keyboard may be helpful.

    Is this page helpful?

    Yes No

Contact us

For Potential Customers

Please contact us with your inquiries by the following contact form.

Contact Form

For Enterprise Cloud Customers

Customer support is available at “Support” menu in Enterprise Cloud 2.0 Portal, after logging in with your user ID.
Customer support is available at “Ticket” in “Service Desk” menu in Enterprise Cloud 1.0 Portal, after logging in with your user ID.

Search from keywords