1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. ZyWALL-USG50
    5. /
  5. 162
Page 806 / 944 Scroll up to view Page 801 - 805
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
806
Duplicate sid <sid> in
import file at line
<linenum>.
The listed signature ID is duplicated at the listed line
number in the signature file.
IDP rule <num> has been
deleted.
The listed IDP rule has been removed.
IDP rule <num> has been
moved to <num>.
The IDP rule with the specified index number (first num)
was moved to the specified index number (second num).
New IDP rule has been
appended.
An IDP rule has been added to the end of the list.
IDP rule <num> has been
inserted.
An IDP rule has been inserted. <num> is the number of the
new rule.
IDP rule <num> has been
modified.
The IDP rule of the specified number has been changed.
IDP profile <name> has
been deleted.
The IDP profile with the specified name has been removed.
IDP profile <name> has
been changed to <name>.
An IDP profile’s name has been changed from first <name>
to the second <name>.
IDP profile <name> has
been created.
The IDP profile with the specified name has been added.
IDP profile <name> has
been modified.
IDP profile has been modified. <name> is profile name.
IDP signatures missing,
please refer to your
user documentation to
recover the default
database file
When the ZyWALL started it could not find the IDP
signature file. See the CLI reference guide for how to
restore the default system database.
IDP signature size is
over system limitation.
The IDP signature set is too large (exceeds the ZyWALL’s
system limitation).
Table 261
Application Patrol
MESSAGE
EXPLANATION
Service=%s Mode=%s
Rule=%s Access=%s
Common packet logging. 1st %s: Protocol Name, 2nd %s:
"port-less" or "port-base", 3rd %s: Rule Index, 4th %s:
"forward", "drop" or "reject".
Service=%s Rule=%s
Action=%s Access=drop
Special packet logging for IM action. 1st %s: Protocol
Name, 2nd %s: "port-less" or "port-base", 3rd %s: "login",
"message", "audio", "video" or "file-transfer".
Initialize App. Patrol
has succeeded.
Application patrol was successfully initiated.
Rule %s:%s has been
modified
An application patrol rule has been modified. 1st %s:
Protocol Name, 2nd: Rule Index.
App. Patrol has been
activated.
Application patrol was turned on.
App. Patrol has been
deactivated.
Application patrol was turned off.
Table 260
IDP Logs (continued)
LOG MESSAGE
DESCRIPTION
Page 807 / 944
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
807
Protocol %s has been
enabled.
The listed protocol has been turned on in the application
patrol.
Protocol %s has been
disabled.
The listed protocol has been turned off in the application
patrol.
Classification mode of
protocol %s has been
modified to portless.
The device will now use the portless classification mode to
identify the listed protocol’s traffic.
Classification mode of
protocol %s has been
modified to portbase.
The device will now use the port-based classification mode
to identify the listed protocol’s traffic.
Bandwidth graph of
protocol %s has been
enabled.
The bandwidth graph has been turned on for the listed
protocol’s traffic.
Bandwidth graph of
protocol %s has been
disabled.
The bandwidth graph has been turned off for the listed
protocol’s traffic.
Default port %s of
protocol %s has been
added.
The listed default port (first %s) has been added for the
listed protocol (second %s).
Default port %s of
protocol %s has been
removed.
The listed default port (first %s) has been deleted for the
listed protocol (second %s).
Rule %s:%s has been
moved to index %s.
An application patrol rule has been moved.
1st %s: Protocol name
2nd %s: From rule index number
3rd %s: To rule index number
Rule %s:%s has been
removed.
An application patrol rule has been deleted.
1st %s: Protocol name
2nd %s: From rule index number
3rd %s: To rule index number
System fatal error:
60011001.
The device failed to initiate the application patrol daemon.
System fatal error:
60011002.
The device failed to get the application patrol protocol list.
System fatal error:
60011003.
The device failed to initiate XML.
System fatal error:
60011004.
The device failed to turn application patrol off while the
system was initiating.
MSN user %s has logged
%s.
The specified MSN user has logged in or logged out.
Table 261
Application Patrol (continued)
MESSAGE
EXPLANATION
Page 808 / 944
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
808
Table 262
IKE Logs
LOG MESSAGE
DESCRIPTION
Peer has not announced
DPD capability
The remote IPSec router has not announced its dead peer
detection (DPD) capability to this device.
[COOKIE] Invalid
cookie, no sa found
Cannot find SA according to the cookie.
[DPD] No response from
peer. Using existing
Phase-1 SA in %u
seconds. Trying with
Phase-1 rekey.
The device’s DPD feature has not detected a response from
the remote IPSec router. %u is the retry time.
[HASH] : Tunnel [%s]
Phase 1 hash mismatch
%s
is the tunnel name. When negotiating Phase-1, the
exchange hash did not match.
[HASH] : Tunnel [%s]
Phase 2 hash mismatch"
%s
is the tunnel name. When negotiating Phase-2, the
calculated quick mode authentication hash did not match.
[ID] : Invalid ID
information
ID payload is not valid (in Phase-1 is local/peer ID, in Phase-2
is local/remote policy).
[ID] : Tunnel [%s]
Local IP mismatch
%s
is the tunnel name. When negotiating Phase-1, the local
tunnel IP did not match the My IP in VPN gateway.
[ID] : Tunnel [%s] My
IP mismatch
%s
is the tunnel name. When negotiating Phase-1 and
selecting matched proposal, My IP Address could not be
resolved.
[ID] : Tunnel [%s]
Phase 1 ID mismatch
%s
is the tunnel name. When negotiating Phase-1, the peer ID
did not match.
[ID] : Tunnel [%s]
Phase 2 Local ID
mismatch
%s
is the tunnel name. When negotiating Phase-2 and
checking IPsec SAs or the ID is IPv6 ID.
[ID] : Tunnel [%s]
Phase 2 Remote ID
mismatch
%s
is the tunnel name. When negotiating Phase-2 and
checking IPsec SAs or the ID is IPv6 ID.
[ID] : Tunnel [%s]
Remote IP mismatch
%s is the tunnel name. When negotiating Phase-1, the peer
tunnel IP did not match the secure gateway address in VPN
gateway.
[SA] : Malformed IPSec
SA proposal
When selecting a matched proposal, some protocol was given
more than once.
[SA] : No proposal
chosen
When selecting a matched proposal in phase-1 or phase-2, so
proposal was selected.
[SA] : Tunnel [%s]
Phase 1 authentication
algorithm mismatch
%s is the tunnel name. When negotiating Phase-1, the
authentication algorithm did not match.
[SA] : Tunnel [%s]
Phase 1 authentication
method mismatch
%s is the tunnel name. When negotiating Phase-1, the
authentication method did not match.
[SA] : Tunnel [%s]
Phase 1 encryption
algorithm mismatch
%s is the tunnel name. When negotiating Phase-1, the
encryption algorithm did not match.
Page 809 / 944
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
809
[SA] : Tunnel [%s]
Phase 1 invalid
protocol
%s is the tunnel name. When negotiating Phase-1, the packet
was not a ISKAMP packet in the protocol field.
[SA] : Tunnel [%s]
Phase 1 invalid
transform
%s is the tunnel name. When negotiating Phase-1, the
transform ID was invalid.
[SA] : Tunnel [%s]
Phase 1 key group
mismatch
%s is the tunnel name. When negotiating Phase-1, the DH
group of the attribute list `attrs' did not match the security
policy.
[SA] : Tunnel [%s]
Phase 1 negotiation
mode mismatch
%s is the tunnel name. When negotiating Phase-1, the
negotiation mode did not match.
[SA] : Tunnel [%s]
Phase 2 authentication
algorithm mismatch
%s is the tunnel name. When negotiating Phase-2, the
authentication algorithm did not match.
[SA] : Tunnel [%s]
Phase 2 encapsulation
mismatch
%s is the tunnel name. When negotiating Phase-2, the
encapsulation did not match.
[SA] : Tunnel [%s]
Phase 2 encryption
algorithm mismatch
%s is the tunnel name. When negotiating Phase-2, the
encryption algorithm did not match.
[SA] : Tunnel [%s]
Phase 2 pfs mismatch
%s is the tunnel name. When negotiating Phase-2, the PFS
specified did not match.
[SA] : Tunnel [%s]
Phase 2 pfs
unsupported: %d
%s is the tunnel name. When negotiating Phase-2, this device
does not support the PFS specified.
[SA] : Tunnel [%s]
Phase 2 SA
encapsulation
mismatch
%s is the tunnel name. When negotiating Phase-2, the SA
encapsulation did not match.
[SA] : Tunnel [%s]
Phase 2 SA protocol
mismatch
%s is the tunnel name. When negotiating Phase-2, the SA
protocol did not match.
[SA] : Tunnel [%s] SA
sequence size mismatch
%s is the tunnel name. When negotiating Phase-2, the SA
sequence size did not match.
[XCHG] exchange type
is not IP, AGGR, or
INFO
This device is the responder and this is the initiator’s first
packet, but exchange type is not IP, AGGR, or INFO and the
packet is ignored.
Cannot resolve My IP
Addr %s for Tunnel
[%s]
1st %s is my ip address. 2nd %s is the tunnel name. When
selecting a matched proposal in phase-1, the engine could not
get My-IP address.
Cannot resolve Secure
Gateway Addr %s for
Tunnel [%s]
1st %s is my ip address. 2nd %s is the tunnel name; When
selecting a matched proposal in phase-1, the engine could not
get the correct secure gateway address.
Could not dial dynamic
tunnel "%s"
%s is the tunnel name. The tunnel is a dynamic tunnel and
the device cannot dial it.
Could not dial
incomplete tunnel "%s"
%s is the tunnel name. The tunnel setting is not complete.
Table 262
IKE Logs (continued)
LOG MESSAGE
DESCRIPTION
Page 810 / 944
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
810
Could not dial manual
key tunnel "%s"
%s is the tunnel name. The manual key tunnel cannot be
dialed.
DPD response with
invalid ID
When receiving a DPD response with invalid ID ignored.
DPD response with no
active request
When receiving a DPD response with no active query.
IKE Packet Retransmit
When retransmitting the IKE packets.
Phase 1 IKE SA process
done
When Phase 1 negotiation is complete.
Recv Main Mode request
from [%s]
%s is the remote name; When receiving a request to enter
Main mode.
Recv Aggressive Mode
request from [%s]
%s is the remote name; When receiving a request to enter
Aggressive mode.
Recv:[SA][KE][ID][CER
T][CR][HASH][SIG][NON
CE][DEL][VID][ATTR][N
OTFY:%s]
This is a combined message for incoming IKE packets
Send Main Mode request
to [%s]
%s is the remote name. The device sent a request to enter
Main Mode.
Send Aggressive Mode
request to [%s]
%s is the remote name. The device sent a request to enter
Aggressive Mode.
Send:[SA][KE][ID][CER
T][CR][HASH][SIG][NON
CE][DEL][VID][ATTR][N
OTFY:%s]
This is a combined message for outgoing IKE packets.
Start Phase 2: Quick
Mode
Indicates the beginning of phase 2 using quick mode.
The cookie pair is :
0x%08x%08x /
0x%08x%08x
Indicates the initiator/responder cookie pair.
The IPSec tunnel "%s"
is already established
%s is the tunnel name. When dialing a tunnel, the tunnel is
already dialed.
Tunnel [%s] built
successfully
%s is the tunnel name. The phase-2 tunnel negotiation is
complete.
Tunnel [%s] Phase 1
pre-shared key
mismatch
%s is the tunnel name. When negotiating phase-1, the pre-
shared key did not match.
Tunnel [%s] Recving
IKE request
%s is the tunnel name. The device received an IKE request.
Tunnel [%s] Sending
IKE request
%s is the tunnel name. The device sent an IKE request.
Tunnel [%s] IKE
Negotiation is in
process
%s is the tunnel name. When IKE request is already sent but
still attempting to dial a tunnel.
VPN gateway %s was
disabled
%s is the gateway name. An administrator disabled the VPN
gateway.
Table 262
IKE Logs (continued)
LOG MESSAGE
DESCRIPTION

Rate

4.5 / 5 based on 2 votes.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top