Appendix A Log Descriptions

Table 247 IKE Logs (continued)

LOG MESSAGE

DESCRIPTION

XAUTH succeed! My

%s is the my xauth name. This indicates that my name is

name: %s

valid.

XAUTH succeed! Remote

%s is the remote xauth name. This indicate that a remote

user: %s

user’s name is valid

Dynamic Tunnel

The variables represent the phase 1 name, tunnel name, SPI

[%s:%s:0x%x:%s] built

and the xauth name (optional). The phase-2 tunnel

successfully

negotiation is complete.

Dynamic Tunnel

The variables represent the phase 1 name, tunnel name, old

[%s:%s:0x%x:0x%x:%s]

SPI, new SPI and the xauth name (optional). The tunnel was

rekeyed successfully

rekeyed successfully.

Tunnel

The variables represent the phase 1 name, tunnel name, SPI

[%s:%s:0x%x:%s] built

and the xauth name (optional). The phase-2 tunnel

successfully

negotiation is complete.

Tunnel

The variables represent the phase 1 name, tunnel name, old

[%s:%s:0x%x:0x%x:%s]

SPI, new SPI and the xauth name (optional). The tunnel was

rekeyed successfully

rekeyed successfully.

Tunnel [%s:%s] Phase

The variables represent the phase 1 name and tunnel name.

1 pre-shared key

When negotiating phase-1, the pre-shared keys did not

mismatch

match.

Tunnel [%s:%s]

The variables represent the phase 1 name and tunnel name.

Recving IKE request

The device received an IKE request.

Tunnel [%s:%s]

The variables represent the phase 1 name and tunnel name.

Sending IKE request

The device sent an IKE request.

Tunnel [%s:0x%x] is

The variables represent the tunnel name and the SPI of a

disconnected

tunnel that was disconnected.

Tunnel [%s] rekeyed

%s is the tunnel name. The tunnel was rekeyed successfully.

successfully

 

Table 248 IPSec Logs

LOG MESSAGE

DESCRIPTION

Corrupt packet,

The device received corrupt IPsec packets and could not

Inbound transform

process them.

operation fail

 

Encapsulated packet

An outgoing packet needed to be transformed but was longer

too big with length

than 65535.

Get inbound transform

When performing inbound processing for incoming IPSEC

fail

packets and ICMPs related to them, the engine cannot obtain

 

the transform context.

Get outbound transform

When outgoing packet need to be transformed, the engine

fail

cannot obtain the transform context.

Inbound transform

After encryption or hardware accelerated processing, the

operation fail

hardware accelerator dropped a packet (resource shortage,

 

corrupt packet, invalid MAC, and so on).

766

 

ZyWALL USG 20/20W User’s Guide