Appendix B Log Descriptions

 

Table 241 Application Patrol Logs (continued)

 

LOG MESSAGE

DESCRIPTION

 

 

App Patrol Name=%s

Packets logging. 1st %s: Protocol Name, 2nd %s: Category Name, 3rd

 

 

Type=%s %s=%d

%s: Default Rule or Exception Rule, 1st %d: Rule Index, 4th %s: TCP

 

 

Protocol=%s Action=%s

or UDP, 5th %s: Action.

 

 

App Patrol resources

The application patrol daemon (process) resource pool is full, current

 

 

ran out. User %s is

login user %s is unrestricted by rule %d of protocol %s. 1st %s: User

 

 

unrestricted by rule [

Name, 1st %d: Rule Index, 2nd %s: Protocol Name.

 

 

%s:%d ]. 1st %s: User

 

 

 

Name, 2nd %s: Protocol

 

 

 

Name, 1% %d: Rule

 

 

 

Index

 

 

 

Table 242 IKE Logs

 

 

 

LOG MESSAGE

DESCRIPTION

 

 

%s:%s has not

%s:%s is the peer IP:Port. Peer has not announced capability.

 

 

announced DPD

 

 

 

capability

 

 

 

[COOKIE] Invalid

Cannot find SA according to the cookie.

 

 

cookie, no sa found

 

 

 

[DPD] No response from

%s:%s is the peer IP:Port. %u is the retry time. Dead Peer Detection

 

 

"%s:%s using existing

(DPD) detected no response from peer.

 

 

Phase-1 SA in %u

 

 

 

seconds. Trying with

 

 

 

Phase-1 rekey.

 

 

 

[HASH] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the exchange hash

 

 

Phase 1 hash mismatch

did not match.

 

 

[HASH] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-2, the calculated quick

 

 

Phase 2 hash mismatch"

mode authentication hash did not match.

 

 

[ID] : Invalid ID

ID payload is not valid (in Phase-1 is local/peer ID, in Phase-2 is local/

 

 

information

remote policy).

 

 

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the local tunnel IP

 

 

Local IP mismatch

did not match the My IP in VPN gateway.

 

 

[ID] : Tunnel [%s] My

%s is the tunnel name. When negotiating Phase-1 and selecting

 

 

IP mismatch

matched proposal, My IP Address could not be resolved.

 

 

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the peer ID did not

 

 

Phase 1 ID mismatch

match.

 

 

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-2 and checking IPsec

 

 

Phase 2 Local ID

SAs or the ID is IPv6 ID.

 

 

mismatch

 

 

 

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-2 and checking IPsec

 

 

Phase 2 Remote ID

SAs or the ID is IPv6 ID.

 

 

mismatch

 

 

 

[ID] : Tunnel [%s]

%s is the tunnel name. When negotiating Phase-1, the peer tunnel IP

 

 

Remote IP mismatch

did not match the secure gateway address in VPN gateway.

 

 

[SA] : Malformed IPSec

When selecting a matched proposal, some protocol was given more

 

 

SA proposal

than once.

 

 

[SA] : No proposal

When selecting a matched proposal in phase-1 or phase-2, so

 

 

chosen

proposal was selected.

 

 

675

ZyWALL USG 1000 User’s Guide