ZyXEL Communications 2WE manual 415

ZyWALL 2 and ZyWALL 2WE

Chart Q-10 Sample IKE Key Exchange Logs

LOG MESSAGE

DESCRIPTION

!! Invalid IP <IP start>/<IP end>

The peer’s “Local IP Addr” range is invalid.

!! Remote IP <IP start> / <IP end>

If the security gateway is “0.0.0.0”, the ZyWALL will

conflicts

use the peer’s “Local Addr” as its “Remote Addr”. If a

peer’s “Local Addr” range conflicts with other

connections, then the ZyWALL will not accept VPN

connection requests from this peer.

!! Active connection allowed

The ZyWALL limits the number of simultaneous Phase

exceeded

2 SA negotiations. The IKE key exchange process fails

if this limit is exceeded.

!! IKE Packet Retransmit

The ZyWALL did not receive a response from the peer

and so retransmits the last packet sent.

!! Failed to send IKE Packet

The ZyWALL cannot send IKE packets due to a

network error.

!! Too many errors! Deleting SA

The ZyWALL deletes an SA when too many errors

occur.

!! Phase 1 ID type mismatch

The ID type of an incoming packet does not match the

local's peer ID type.

!! Phase 1 ID content mismatch

The ID content of an incoming packet does not match

the local's peer ID content.

!! No known phase 1 ID type

The ID type of an incoming packet does not match any

found

known ID type.

Peer ID: IP address type <IP

The IP address type or IP address of an incoming

address>

packet does not match the peer IP address type or IP

address configured on the local router. The log

displays the IP address type and IP address of the

incoming packet.

vs. My Remote <IP address>

The IP address type or IP address of an incoming

packet does not match the peer IP address type or IP

address configured on the local router. The log

displays this router’s configured remote IP address

type or IP address that the incoming packet did not

match.