ZyWALL 5/35/70 Series User’s Guide

 

Table 165 Example Log Description

 

 

 

 

LABEL

DESCRIPTION

 

 

 

 

notes

The ZyWALL blocked the packet.

 

 

 

 

message

The ZyWALL blocked the packet in accordance with the firewall’s default policy of blocking

 

 

sessions that are initiated from the WAN. “UDP” means that this was a User Datagram

 

 

Protocol packet. “W to W/ZW” indicates that the packet was traveling from the WAN to the

 

 

WAN or the ZyWALL.

30.2.1 Certificate Not Trusted Log Note

myZyXEL.com and the update server use certificate signed by VeriSign to identify themselves. If the ZyWALL does not have a CA certificate signed by VeriSign as a trusted CA, the ZyWALL will not trust the certificate from myZyXEL.com and the update server. The ZyWALL will generate a log like "Due to error code(11), cert not trusted: SSL/TLS peer certif..." for every time it attempt to establish a (HTTPS) connection with myZyXEL.com and the update server. The V4.00 default configuration file includes a trusted CA certificate signed by VeriSign. If you upgraded to ZyNOS V4.00 firmware without uploading the V4.00 default configuration file, you can download a CA certificate signed by VeriSign from myZyXEL.com and import it into the ZyWALL as a trusted CA. This will stop the ZyWALL from generating this log every time it attempts to connect with myzyxel.com and the update server.

Follow the steps below to download the certificate from myZyXEL.com.

1Go to http://www.myZyXEL.com and log in with your account.

2Click Download Center and then Certificate Download.

Figure 238 myZyXEL.com: Download Center

3Click the link in the Certificate Download screen.

Chapter 30 Logs Screens

470