The properties screen configures the Client connection to the Tunnel Server. You need to tell the Client the IP address or known name of the system the Tunnel Server is running on, and on which port. Port 22 is the standard for an SSH server port but may be any port you choose. You should supply a Login and Password that the Tunnel Server can recognise the valid Client by.
The Secure Tunnel link supports a number of different encryption methods**, and you may chose a specific one if you wish. Choosing "Any" lets the Tunnel decide which one to use.
The Tunnel also supports compression***. There is only one compression algorithm supported at this stage. This may help reduce network traffic, especially where the messages being transmitted are very similar. Doing the compressing and decompressing requires a certain amount of processor power, so that in times of high loading, leaving compression off may help throughput.
You can control the rate of data being sent to the Tunnel Server by selecting values from the Transmit Pacing drop-down list. The selections are in K bits per second. You can use the settings to regulate the flow of syslog data over the network to prevent flooding it if data traffic becomes heavy. The default setting is 64K.
There is a list of all the ports the Client can listen on that devices can connect to. You may add or delete ports at any stage. You may turn a port off or on. Be aware that any change to the port list will interrupt traffic very briefly while the Service reconfigures the ports.
The Client Options box allows you to set a unique Client ID, the interval that the statistics are updated on, and whether you wish standard events to be logged into the log file. Error events are always logged no matter what the setting.
The purpose of the Client ID is to positively identify messages a Secure Tunnel Client is sending in a case where several Clients on different networks are all sending messages that the same Syslog Daemon collects. The Clients may be on internal networks where the devices sending Syslog messages have the same IP address. The Tunnel Client can add its own unique ID to each message it sends on so that messages can be positively identified as to where they originate. The ID is added to each message either at the front of the message after the priority or at the end, and is in the format "KiwiClientID=" plus the actual Client ID.
The Client ID is also sent to the Tunnel Server when the Client logs onto the Server, and is kept there to help identify Clients when they disconnect. The Client ID may be changed at any time, and any messages sent after changing the Client ID reflect the new ID. However, until the Client logs on to the Server again, the Server does not know that the ID has changed. If the Client disconnects after the ID is changed, the Server may send a disconnection message reflecting the old ID.
You may choose to have the Client add an "OriginalAddress=" tag to the message if one is not present. This adds the IP address of the device sending the message to the Client and enables the Syslog daemon to derive where the message originated.
In times of high data traffic load, turning the logging off may help the Client cope with a higher flow.
A keep alive message may be sent from the Client at a specific interval that can help mark syslog data files. You can build your own message, add standard variable values to it, and set the priority as you see fit. The priority is set from the Facility and Level drop down lists.
Saving the changes causes the Service to read the configuration data and make any changes specified. It may take a second or so for the Service to do this.
** Blowfish is the only encryption available in the free version.
The licensed version supports AES,3DES,DES,Blowfish.
*** Compression is only available in the licensed version
