LOG MESSAGE | DESCRIPTION |
|
|
Discard REPLAY packet | The router received and discarded a packet with an incorrect |
| sequence number. |
Inbound packet | The router received a packet that has been altered. A third party may |
authentication failed | have altered or tampered with the packet. |
Receive IPSec packet, | The router dropped an inbound packet for which SPI could not find a |
but no corresponding | corresponding phase 2 SA. |
tunnel exists |
|
Rule <%d> idle time out, | The router dropped a connection that had outbound traffic and no |
disconnect | inbound traffic for a certain time period. You can use the "ipsec timer |
| chk_conn" CI command to set the time period. The default value is 2 |
| minutes. |
WAN IP changed to <IP> | The router dropped all connections with the “MyIP” configured as |
| “0.0.0.0” when the WAN IP address changed. |
LOG MESSAGE | DESCRIPTION |
|
|
Active connection allowed | The IKE process for a new connection failed because the limit |
exceeded | of simultaneous phase 2 SAs has been reached. |
Start Phase 2: Quick Mode | Phase 2 Quick Mode has started. |
Verifying Remote ID failed: | The connection failed during IKE phase 2 because the router |
| and the peer’s Local/Remote Addresses don’t match. |
Verifying Local ID failed: | The connection failed during IKE phase 2 because the router |
| and the peer’s Local/Remote Addresses don’t match. |
IKE Packet Retransmit | The router retransmitted the last packet sent because there |
| was no response from the peer. |
Failed to send IKE Packet | An Ethernet error stopped the router from sending IKE |
| packets. |
Too many errors! Deleting SA | An SA was deleted because there were too many errors. |
Phase 1 IKE SA process done | The phase 1 IKE SA process has been completed. |
Duplicate requests with the | The router received multiple requests from the same peer |
same cookie | while still processing the first IKE packet from the peer. |
IKE Negotiation is in process | The router has already started negotiating with the peer for |
| the connection, but the IKE process has not finished yet. |
No proposal chosen | Phase 1 or phase 2 parameters don’t match. Please check all |
| protocols / settings. Ex. One device being configured for |
| 3DES and the other being configured for DES causes the |
| connection to fail. |
Local / remote IPs of | The security gateway is set to “0.0.0.0” and the router used |
incoming request conflict | the peer’s “Local Address” as the router’s “Remote Address”. |
with rule <%d> | This information conflicted with static rule #d; thus the |
| connection is not allowed. |
Appendix M Log Descriptions | 402 |