ZyWALL 5/35/70 Series User’s Guide

 

Table 289 IKE Logs (continued)

 

 

 

 

 

LOG MESSAGE

DESCRIPTION

 

 

 

 

Remote IP <Remote IP> /

The security gateway is set to “0.0.0.0” and the router used

 

<Remote IP> conflicts

the peer’s “Local Address” as the router’s “Remote Address”.

 

 

This information conflicted with static rule #d; thus the

 

 

connection is not allowed.

 

Phase 1 ID type mismatch

This router’s "Peer ID Type" is different from the peer IPSec

 

 

router's "Local ID Type".

 

Phase 1 ID content mismatch

This router’s "Peer ID Content" is different from the peer

 

 

IPSec router's "Local ID Content".

 

No known phase 1 ID type

The router could not find a known phase 1 ID in the

 

found

connection attempt.

 

ID type mismatch. Local /

The phase 1 ID types do not match.

 

Peer: <Local ID type/Peer ID

 

 

type>

 

 

ID content mismatch

The phase 1 ID contents do not match.

 

Configured Peer ID Content:

The phase 1 ID contents do not match and the configured

 

<Configured Peer ID Content>

"Peer ID Content" is displayed.

 

Incoming ID Content:

The phase 1 ID contents do not match and the incoming

 

<Incoming Peer ID Content>

packet's ID content is displayed.

 

Unsupported local ID Type:

The phase 1 ID type is not supported by the router.

 

<%d>

 

 

Build Phase 1 ID

The router has started to build the phase 1 ID.

 

Adjust TCP MSS to %d

The router automatically changed the TCP Maximum

 

 

Segment Size value after establishing a tunnel.

 

Rule <%d> input idle time

The tunnel for the listed rule was dropped because there was

 

out, disconnect

no inbound traffic within the idle timeout period.

 

XAUTH succeed! Username:

The router used extended authentication to authenticate the

 

<Username>

listed username.

 

XAUTH fail! Username:

The router was not able to use extended authentication to

 

<Username>

authenticate the listed username.

 

Rule[%d] Phase 1 negotiation

The listed rule’s IKE phase 1 negotiation mode did not match

 

mode mismatch

between the router and the peer.

 

Rule [%d] Phase 1 encryption

The listed rule’s IKE phase 1 encryption algorithm did not

 

algorithm mismatch

match between the router and the peer.

 

Rule [%d] Phase 1

The listed rule’s IKE phase 1 authentication algorithm did not

 

authentication algorithm

match between the router and the peer.

 

mismatch

 

 

Rule [%d] Phase 1

The listed rule’s IKE phase 1 authentication method did not

 

authentication method

match between the router and the peer.

 

mismatch

 

 

Rule [%d] Phase 1 key group

The listed rule’s IKE phase 1 key group did not match

 

mismatch

between the router and the peer.

 

Rule [%d] Phase 2 protocol

The listed rule’s IKE phase 2 protocol did not match between

 

mismatch

the router and the peer.

 

Rule [%d] Phase 2 encryption

The listed rule’s IKE phase 2 encryption algorithm did not

 

algorithm mismatch

match between the router and the peer.

Appendix S Log Descriptions

780