Appendix A Log Descriptions

Table 247 IKE Logs (continued)

LOG MESSAGE

DESCRIPTION

[DPD] No response from

The device’s DPD feature has not detected a response from

peer. Using existing

the remote IPSec router. %u is the retry time.

Phase-1 SA in %u

 

seconds. Trying with

 

Phase-1 rekey.

 

[HASH] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the

Phase 1 hash mismatch

exchange hash did not match.

[HASH] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-2, the

Phase 2 hash mismatch"

calculated quick mode authentication hash did not match.

[ID] : Invalid ID

ID payload is not valid (in Phase-1 is local/peer ID, in Phase-2

information

is local/remote policy).

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the local

Local IP mismatch

tunnel IP did not match the My IP in VPN gateway.

[ID] : Tunnel [%s] My

%s is the tunnel name. When negotiating Phase-1 and

IP mismatch

selecting matched proposal, My IP Address could not be

 

resolved.

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the peer ID

Phase 1 ID mismatch

did not match.

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-2 and

Phase 2 Local ID

checking IPsec SAs or the ID is IPv6 ID.

mismatch

 

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-2 and

Phase 2 Remote ID

checking IPsec SAs or the ID is IPv6 ID.

mismatch

 

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the peer

Remote IP mismatch

tunnel IP did not match the secure gateway address in VPN

 

gateway.

[SA] : Malformed IPSec

When selecting a matched proposal, some protocol was given

SA proposal

more than once.

[SA] : No proposal

When selecting a matched proposal in phase-1 or phase-2, so

chosen

proposal was selected.

[SA] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the

Phase 1 authentication

authentication algorithm did not match.

algorithm mismatch

 

[SA] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the

Phase 1 authentication

authentication method did not match.

method mismatch

 

[SA] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the

Phase 1 encryption

encryption algorithm did not match.

algorithm mismatch

 

[SA] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the packet

Phase 1 invalid

was not a ISKAMP packet in the protocol field.

protocol

 

[SA] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the

Phase 1 invalid

transform ID was invalid.

transform

 

 

763

ZyWALL USG 20/20W User’s Guide