1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. ZyWALL-USG50
    5. /
  5. 163
Page 811 / 944 Scroll up to view Page 806 - 810
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
811
VPN gateway %s was
enabled
%s is the gateway name. An administrator enabled the VPN
gateway.
XAUTH fail! My name:
%s
%s is the my xauth name. This indicates that my name is
invalid.
XAUTH fail! Remote
user: %s
%s is the remote xauth name. This indicates that a remote
user’s name is invalid.
XAUTH succeed! My
name: %s
%s is the my xauth name. This indicates that my name is
valid.
XAUTH succeed! Remote
user: %s
%s is the remote xauth name. This indicate that a remote
user’s name is valid
Dynamic Tunnel
[%s:%s:0x%x:%s] built
successfully
The variables represent the phase 1 name, tunnel name, SPI
and the xauth name (optional). The phase-2 tunnel
negotiation is complete.
Dynamic Tunnel
[%s:%s:0x%x:0x%x:%s]
rekeyed successfully
The variables represent the phase 1 name, tunnel name, old
SPI, new SPI and the xauth name (optional). The tunnel was
rekeyed successfully.
Tunnel
[%s:%s:0x%x:%s] built
successfully
The variables represent the phase 1 name, tunnel name, SPI
and the xauth name (optional). The phase-2 tunnel
negotiation is complete.
Tunnel
[%s:%s:0x%x:0x%x:%s]
rekeyed successfully
The variables represent the phase 1 name, tunnel name, old
SPI, new SPI and the xauth name (optional). The tunnel was
rekeyed successfully.
Tunnel [%s:%s]
Phase
1 pre-shared key
mismatch
The variables represent the phase 1 name and tunnel name.
When negotiating phase-1, the pre-shared keys did not
match.
Tunnel [%s:%s]
Recving IKE request
The variables represent the phase 1 name and tunnel name.
The device received an IKE request.
Tunnel [%s:%s]
Sending IKE request
The variables represent the phase 1 name and tunnel name.
The device sent an IKE request.
Tunnel [%s:0x%x] is
disconnected
The variables represent the tunnel name and the SPI of a
tunnel that was disconnected.
Tunnel [%s] rekeyed
successfully
%s is the tunnel name. The tunnel was rekeyed successfully.
Table 263
IPSec Logs
LOG MESSAGE
DESCRIPTION
Corrupt packet,
Inbound transform
operation fail
The device received corrupt IPsec packets and could not
process them.
Encapsulated packet
too big with length
An outgoing packet needed to be transformed but was longer
than 65535.
Get inbound transform
fail
When performing inbound processing for incoming IPSEC
packets and ICMPs related to them,
the engine cannot obtain
the transform context.
Table 262
IKE Logs (continued)
LOG MESSAGE
DESCRIPTION
Page 812 / 944
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
812
Get outbound transform
fail
When outgoing packet need to be transformed, the engine
cannot obtain the transform context.
Inbound transform
operation fail
After encryption or hardware accelerated processing, the
hardware accelerator dropped a packet (resource shortage,
corrupt packet, invalid MAC, and so on).
Outbound transform
operation fail
After encryption or hardware accelerated processing, the
hardware accelerator dropped a packet (e.g., resource
overflow, corrupt packet, and so on).
Packet too big with
Fragment Off
An outgoing packet needed to be transformed, but the
fragment flag was off and the packet was too big.
SPI:0x%x SEQ:0x%x
Execute transform step
fail, ret=%d
The variables represent the SPI, sequence number and the
error number. When trying to perform transforming, the
engine returned an error.
SPI:0x%x SEQ:0x%x No
rule found, Dropping
packet
The variables represent the SPI and the sequence number.
The packet did not match the tunnel policy and was dropped.
SPI:0x%x SEQ:0x%x
Packet Anti-Replay
detected
The variables represent the SPI and the sequence number.
The device received a packet again (that it had already
received).
VPN connection %s was
disabled.
%s
is the VPN connection name. An administrator disabled the
VPN connection.
VPN connection %s was
enabled.
%s
is the VPN connection name. An administrator enabled the
VPN connection.
Due to active
connection allowed
exceeded, %s was
deleted.
%s is the VPN connection name. The number of active
connections exceeded the maximum allowed.
Table 264
Firewall Logs
LOG MESSAGE
DESCRIPTION
priority:%lu, from %s
to %s, service %s, %s
1st variable is the global index of rule, 2nd is the from zone,
3rd is the to zone, 4th is the service name, 5th is ACCEPT/
DROP/REJECT.
%s:%d: in %s():
Firewall is dead, trace to %s is which file, %d is which line,
%s is which function
Firewall has been %s.
%s is enabled/disabled
Firewall rule %d has
been moved to %d.
1st %d is the old global index of rule, 2nd %d is the new
global index of rule
Firewall rule %d has
been deleted.
%d is the global index of rule
Firewall rules have
been flushed.
Firewall rules were flushed
Firewall rule %d was
%s.
%d is the global index of rule, %s is appended/inserted/
modified
Table 263
IPSec Logs (continued)
LOG MESSAGE
DESCRIPTION
Page 813 / 944
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
813
Firewall %s %s rule %d
was %s.
1st %s is from zone, 2nd %s is to zone, %d is the index of
the rule
3rd %s is appended/inserted/modified
Firewall %s %s rule %d
has been moved to %d.
1st %s is from zone, 2nd %s is to zone, 1st %d is the old
index of the rule
2nd %d is the new index of the rule
Firewall %s %s rule %d
has been deleted.
1st %s is from zone, 2nd %s is to zone, %d is the index of
the rule
Firewall %s %s rules
have been flushed.
1st %s is from zone, 2nd %s is to zone
abnormal TCP flag
attack detected
Abnormal TCP flag attack detected
invalid state detected
Invalid state detected
The Asymmetrical Route
has been enabled.
Asymmetrical route has been turned on.
The Asymmetrical Route
has been disabled.
Asymmetrical Route has been turned off.
Table 265
Sessions Limit Logs
LOG MESSAGE
DESCRIPTION
Maximum sessions per
host (%d) was
exceeded.
%d is maximum sessions per host.
Table 266
Policy Route Logs
LOG MESSAGE
DESCRIPTION
Can't open bwm_entries
Policy routing can't activate BWM feature.
Can't open link_down
Policy routing can't detect link up/down status.
Cannot get handle from
UAM, user-aware PR is
disabled
User-aware policy routing is disabled due to some reason.
mblock: allocate
memory failed!
Allocating policy routing rule fails: insufficient memory.
pt: allocate memory
failed!
Allocating policy routing rule fails: insufficient memory.
To send message to
policy route daemon
failed!
Failed to send control message to policy routing manager.
The policy route %d
allocates memory fail!
Allocating policy routing rule fails: insufficient memory.
%d: the policy route rule number
Table 264
Firewall Logs (continued)
LOG MESSAGE
DESCRIPTION
Page 814 / 944
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
814
The policy route %d
uses empty user group!
Use an empty object group.
%d: the policy route rule number
The policy route %d
uses empty source
address group!
Use an empty object group.
%d: the policy route rule number
The policy route %d
uses empty destination
address group!
Use an empty object group.
%d: the policy route rule number
The policy route %d
uses empty service
group
Use an empty object group.
%d: the policy route rule number
Policy-route rule %d
was inserted.
Rules is inserted into system.
%d: the policy route rule number
Policy-route rule %d
was appended.
Rules is appended into system.
%d: the policy route rule number
Policy-route rule %d
was modified.
Rule is modified.
%d: the policy route rule number
Policy-route rule %d
was moved to %d.
Rule is moved.
1st %d: the original policy route rule number
2nd %d: the new policy route rule number
Policy-route rule %d
was deleted.
Rule is deleted.
%d: the policy route rule number
Policy-route rules
were flushed.
Policy routing rules are cleared.
BWM has been
activated.
The global setting for bandwidth management on the ZyWALL
has been turned on.
BWM has been
deactivated.
The global setting for bandwidth management on the ZyWALL
has been turned off.
Interface %s alive,
related policy route
rules will be re-
enabled
An interface came back up so the ZyWALL will use the related
policy route rules again.
Interface %s dead,
related policy route
rules will be disabled
An interface went down so the ZyWALL will stop using the
related policy route rules.
Trunk %s alive,
related policy route
rules will be re-
enabled
A trunk came back up so the ZyWALL will use the related
policy route rules again.
Trunk %s dead, related
policy route rules
will be disabled
A trunk went down so the ZyWALL will stop using the related
policy route rules.
Table 266
Policy Route Logs (continued)
LOG MESSAGE
DESCRIPTION
Page 815 / 944
Appendix A Log Descriptions
ZyWALL USG 50 User’s Guide
815
Table 267
Built-in Services Logs
LOG MESSAGE
DESCRIPTION
User on %u.%u.%u.%u
has been denied access
from %s
HTTP/HTTPS/TELNET/SSH/FTP/SNMP access to the device
was denied.
%u.%u.%u.%u is IP address
%s is HTTP/HTTPS/SSH/SNMP/FTP/TELNET
HTTPS certificate:%s
does not exist. HTTPS
service will not work.
An administrator assigned a nonexistent certificate to HTTPS.
%s is certificate name assigned by user
HTTPS port has been
changed to port %s.
An administrator changed the port number for HTTPS.
%s is port number
HTTPS port has been
changed to default
port.
An administrator changed the port number for HTTPS back to
the default (443).
HTTP port has changed
to port %s.
An administrator changed the port number for HTTP.
%s is port number assigned by user
HTTP port has changed
to default port.
An administrator changed the port number for HTTP back to
the default (80).
SSH port has been
changed to port %s.
An administrator changed the port number for SSH.
%s is port number assigned by user
SSH port has been
changed to default
port.
An administrator changed the port number for SSH back to
the default (22).
SSH certificate:%s
does not exist. SSH
service will not work.
An administrator assigned a nonexistent certificate to SSH.
%s is certificate name assigned by user
SSH certificate:%s
format is wrong. SSH
service will not work.
After an administrator
assigns a certificate for SSH, the
device needs to convert it to a key used for SSH.
%s is certificate name assigned by user
TELNET port has been
changed to port %s.
An administrator changed the port number for TELNET.
%s is port number assigned by user
TELNET port has been
changed to default
port.
An administrator changed the port number for TELNET back
to the default (23).
FTP certificate:%s
does not exist.
An administrator assigned a nonexistent certificate to FTP.
%s is certificate name assigned by user
FTP port has been
changed to port %s.
An administrator changed the port number for FTP.
%s is port number assigned by user
FTP port has been
changed to default
port.
An administrator changed the port number for FTP back to
the default (21).

Rate

4.5 / 5 based on 2 votes.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top