|
| Appendix B Log Descriptions | |
| Table 242 IKE Logs (continued) | ||
| LOG MESSAGE | DESCRIPTION |
|
| Tunnel [%s:%s] | The variables represent the phase 1 name and tunnel name. The |
|
| Sending IKE request | device sent an IKE request. |
|
| Tunnel [%s:0x%x] is | The variables represent the tunnel name and the SPI of a tunnel that |
|
| disconnected | was disconnected. |
|
| Tunnel [%s] rekeyed | %s is the tunnel name. The tunnel was rekeyed successfully. |
|
| successfully |
|
|
| Table 243 IPSec Logs |
|
|
| LOG MESSAGE | DESCRIPTION |
|
| Corrupt packet, | The device received corrupt IPsec packets and could not process |
|
| Inbound transform | them. |
|
| operation fail |
|
|
| Encapsulated packet | An outgoing packet needed to be transformed but was longer than |
|
| too big with length | 65535. |
|
| Get inbound transform | When performing inbound processing for incoming IPSEC packets and |
|
| fail | ICMPs related to them, the engine cannot obtain the transform |
|
|
| context. |
|
| Get outbound transform | When outgoing packet need to be transformed, the engine cannot |
|
| fail | obtain the transform context. |
|
| Inbound transform | After encryption or hardware accelerated processing, HWAccel |
|
| operation fail | dropped packet (resource shortage, corrupt packet, invalid MAC, and |
|
|
| so on). |
|
| Outbound transform | After encryption or hardware accelerated processing, Hwaccel |
|
| operation fail | dropped packet (e.g., resource overflow, corrupt packet, and so on). |
|
| Packet too big with | An outgoing packet needed to be transformed, but the fragment flag |
|
| Fragment Off | was off and the packet was too big. |
|
| SPI:0x%x SEQ:0x%x | The variables represent the SPI, sequence number and the error |
|
| Execute transform step | number. When trying to perform transforming, the engine returned an |
|
| fail, ret=%d | error. |
|
| SPI:0x%x SEQ:0x%x No | The variables represent the SPI and the sequence number. The |
|
| rule found, Dropping | packet did not match the tunnel policy and was dropped. |
|
| packet |
|
|
| SPI:0x%x SEQ:0x%x | The variables represent the SPI and the sequence number. The device |
|
| Packet | received a packet again (that it had already received). |
|
| detected |
|
|
| VPN connection %s was | %s is the VPN connection name. An administrator disabled the VPN |
|
| disabled. | connection. |
|
| VPN connection %s was | %s is the VPN connection name. An administrator enabled the VPN |
|
| enabled. | connection. |
|
| 679 |
ZyWALL USG 1000 User’s Guide | |
|
|