These log messages refer to the IPSEC (IPsec (VPN) events) category.
2.36.1. fatal_ipsec_event (ID: 01800100)
- Default Severity
- ALERT
- Log Message
- Fatal event occured, because of <reason>
- Explanation
- Fatal event occurred in IPsec stack.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- reason
2.36.2. warning_ipsec_event (ID: 01800101)
- Default Severity
- WARNING
- Log Message
- Warning event occured, because of <reason>
- Explanation
- Warning event from IPsec stack.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- reason
2.36.3. audit_event (ID: 01800103)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- An audit event occurred in the IPsec stack.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 2
- Parameters
- srcip, destip, spi, seq, protocol, reason
2.36.4. audit_flood (ID: 01800104)
- Default Severity
- NOTICE
- Log Message
- <reason>.
- Explanation
- The rate limit for audit messages was reached.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- reason
2.36.5. ike_delete_notification (ID: 01800105)
- Default Severity
- NOTICE
- Log Message
- Local IP: <local_ip>, Remote IP: <remote_ip>, Cookies: <cookies>, Reason: <reason>.
- Explanation
- None
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- local_ip, remote_ip, cookies, reason
2.36.6. ike_invalid_payload (ID: 01800106)
- Default Severity
- WARNING
- Log Message
- Local IP: <local_ip>, Remote IP: <remote_ip>, Cookies: <cookies>, Reason: <reason>.
- Explanation
- None
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- local_ip, remote_ip, cookies, reason
2.36.7. ike_invalid_proposal (ID: 01800107)
- Default Severity
- WARNING
- Log Message
- Local IP: <local_ip>, Remote IP: <remote_ip>, Cookies: <cookies>, Reason: <reason>.
- Explanation
- The proposal for the security association could not be accepted.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- local_ip, remote_ip, cookies, reason
2.36.8. ike_retry_limit_reached (ID: 01800108)
- Default Severity
- NOTICE
- Log Message
- Local IP: <local_ip>, Remote IP: <remote_ip>, Cookies: <cookies>, Reason: <reason>.
- Explanation
- The retry limit for transmitting ISAKMP messages was reached.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- local_ip, remote_ip, cookies, reason
2.36.9. ike_quickmode_failed (ID: 01800109)
- Default Severity
- WARNING
- Log Message
- Local IP: <local_ip>, Remote IP: <remote_ip>, Cookies: <cookies>, Reason: <reason>.
- Explanation
- None
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- local_ip, remote_ip, cookies, reason
2.36.10. packet_corrupt (ID: 01800110)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- Received a corrupt packet.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 2
- Parameters
- srcip, destip, spi, seq, protocol, reason
2.36.11. icv_failure (ID: 01800111)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- The computed ICV and the ICV of the received packet did not match.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 3
- Parameters
- srcip, destip, spi, seq, protocol, reason, packet_data
2.36.12. sequence_number_failure (ID: 01800112)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- The received packet did not fall within the sliding window.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 2
- Parameters
- srcip, destip, spi, seq, protocol, reason
2.36.13. sa_lookup_failure (ID: 01800113)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- The received packet could not be mapped to an appropriate SA.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 2
- Parameters
- srcip, destip, spi, seq, protocol, reason
2.36.14. ip_fragment (ID: 01800114)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- The packet offered to AH/ESP processing appears to be an IP fragment.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 3
- Parameters
- srcip, destip, spi, seq, protocol, reason, packet_data
2.36.15. sequence_number_overflow (ID: 01800115)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- An attempt to transmit a packet that would result in sequence number overflow.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 2
- Parameters
- srcip, destip, spi, seq, protocol, reason
2.36.16. bad_padding (ID: 01800116)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- The received packet has incorrect padding.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 3
- Parameters
- srcip, destip, spi, seq, protocol, reason, packet_data
2.36.17. hardware_accelerator_congested (ID: 01800117)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- Hardware acceleration failed due to resource shortage.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 2
- Parameters
- srcip, destip, spi, seq, protocol, reason
2.36.18. hardware_acceleration_failure (ID: 01800118)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, Reason: <reason>.
- Explanation
- Hardware acceleration failed due to resource shortage, a corrupt packet or other hardware related error.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 3
- Parameters
- srcip, destip, spi, seq, protocol, reason, packet_data
2.36.19. ip_validation_failure (ID: 01800119)
- Default Severity
- NOTICE
- Log Message
- Source IP: <srcip>, Destination IP: <destip>, SPI: <spi>, Seq: <seq>, Protocol: <protocol>, ID: <id>, Reason: <reason>.
- Explanation
- The source or destination address/port did not match the traffic selectors for the SA.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 2
- Parameters
- srcip, destip, spi, seq, protocol, id, reason
2.36.20. commit_failed (ID: 01800200)
- Default Severity
- CRITICAL
- Log Message
- Failed to commit IPsec configuration
- Explanation
- Failed to commit IPsec configuration.
- Firewall Action
- IPsec_configuration_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.21. commit_succeeded (ID: 01800201)
- Default Severity
- INFORMATIONAL
- Log Message
- Commit succeeded - recalculating flows and reapplying routes
- Explanation
- The IPsec configuration was committed successfully. Flows will be recalculated and reapplied.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.22. x509_init_failed (ID: 01800203)
- Default Severity
- CRITICAL
- Log Message
- Failed to initilaze x509 library
- Explanation
- Failed to initialize the x509 library.
- Firewall Action
- IPsec_configuration_disabled
- Recommended Action
- None
- Revision
- 1
2.36.23. pm_create_failed (ID: 01800204)
- Default Severity
- ERROR
- Log Message
- Failed to create policymanager
- Explanation
- Failed to create policymanager. Out of memory.
- Firewall Action
- reduce_number_of_tunnels
- Recommended Action
- None
- Revision
- 1
2.36.24. failed_to_start_ipsec (ID: 01800205)
- Default Severity
- CRITICAL
- Log Message
- Failed to start IPsec
- Explanation
- Failed to start IPsec. Policy Manager create did not complete.
- Firewall Action
- ipsec_disabled
- Recommended Action
- Restart.
- Revision
- 1
2.36.25. failed_to_start_ipsec (ID: 01800206)
- Default Severity
- ERROR
- Log Message
- Disable all IPsec tunnels
- Explanation
- Disable all IPsec tunnels due to memory limitations.
- Firewall Action
- disable_all_ipsec_interfaces
- Recommended Action
- None
- Revision
- 1
2.36.26. failed_create_audit_module (ID: 01800207)
- Default Severity
- ERROR
- Log Message
- Failed to create audit module.
- Explanation
- Failed to create audit module.
- Firewall Action
- IPsec_audit_disabled
- Recommended Action
- None
- Revision
- 1
2.36.27. failed_attach_audit_module (ID: 01800208)
- Default Severity
- ERROR
- Log Message
- Failed to attach audit module.
- Explanation
- Failed to attach audit module.
- Firewall Action
- IPsec_audit_disabled
- Recommended Action
- None
- Revision
- 1
2.36.28. failed_to_configure_IPsec (ID: 01800209)
- Default Severity
- CRITICAL
- Log Message
- Failed during configuration with error: <error_msg> for tunnel: <tunnel>
- Explanation
- Failed to set IPsec configuration.
- Firewall Action
- IPsec_configuration_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
- Parameters
- error_msg, tunnel
2.36.29. failed_to_configure_IPsec (ID: 01800210)
- Default Severity
- CRITICAL
- Log Message
- Failed during configuration with error: <error_msg>
- Explanation
- Failed to set IPsec configuration.
- Firewall Action
- IPsec_configuration_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
- Parameters
- error_msg
2.36.30. reconfig_IPsec (ID: 01800211)
- Default Severity
- INFORMATIONAL
- Log Message
- Reconfiguration of IPsec started
- Explanation
- Reconfiguration of IPsec started.
- Firewall Action
- ipsec_reconfigured
- Recommended Action
- None
- Revision
- 2
2.36.31. failed_to_reconfig_ipsec (ID: 01800212)
- Default Severity
- ERROR
- Log Message
- Failed to reconfigure IPsec
- Explanation
- Failed to reconfigure IPsec. No policymanager object.
- Firewall Action
- new_ipsec_configuration_disabled
- Recommended Action
- None
- Revision
- 2
2.36.32. IPsec_init_failed (ID: 01800213)
- Default Severity
- CRITICAL
- Log Message
- Failed to initialize IPsec
- Explanation
- Failed to start IPsec.
- Firewall Action
- IPsec_configuration_disabled
- Recommended Action
- Restart.
- Revision
- 1
2.36.33. ipsec_started_successfully (ID: 01800214)
- Default Severity
- INFORMATIONAL
- Log Message
- IPsec started successfully
- Explanation
- Successfully created the policymanager and committed the IPsec configuration.
- Firewall Action
- ipsec_started
- Recommended Action
- None
- Revision
- 2
2.36.34. Failed_to_set_local_ID (ID: 01800301)
- Default Severity
- ERROR
- Log Message
- Failed to configure Local ID <local_id> for tunnel <tunnel>
- Explanation
- Failed to configure tunnel with specified local id.
- Firewall Action
- LocalID_disabled
- Recommended Action
- None
- Revision
- 1
- Parameters
- local_id, tunnel
2.36.35. Failed_to_add_certificate (ID: 01800302)
- Default Severity
- ERROR
- Log Message
- Failed add host certificate: <certificate>, for tunnel <tunnel>
- Explanation
- Failed to add specified host certificate.
- Firewall Action
- certificate_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- certificate, tunnel
2.36.36. Default_IKE_DH_groups_will_be_used (ID: 01800303)
- Default Severity
- INFORMATIONAL
- Log Message
- Default configuration for IKE DH groups (2 and 5) will be used for tunnel: <tunnel>
- Explanation
- Informs that the default DH group settings will be used.
- Firewall Action
- Use_default_IKE_DH_groups
- Recommended Action
- None
- Revision
- 1
- Parameters
- tunnel
2.36.37. failed_to_set_algorithm_properties (ID: 01800304)
- Default Severity
- ERROR
- Log Message
- Failed to set properties IPsec alogorithm <alg>, for tunnel <tunnel>
- Explanation
- Failed to set specified properties (keysize, lifetimes) for IPsec algorithm.
- Firewall Action
- use_default_values_for_algorithm
- Recommended Action
- None
- Revision
- 2
- Parameters
- alg, tunnel
2.36.38. failed_to_add_root_certificate (ID: 01800306)
- Default Severity
- ERROR
- Log Message
- Failed add root certificate: <certificate>, for tunnel <tunnel>
- Explanation
- Failed to set specified certificate as root certificate.
- Firewall Action
- disable_certificate
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- certificate, tunnel
2.36.39. dns_resolve_failed (ID: 01800308)
- Default Severity
- WARNING
- Log Message
- Failed to resolve remote endpoint through DNS
- Explanation
- None
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- endpoint, ipsectunnel
2.36.40. dns_resolve_timeout (ID: 01800309)
- Default Severity
- WARNING
- Log Message
- DNS resolve timed out
- Explanation
- None
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- endpoint, ipsectunnel
2.36.41. dns_no_record (ID: 01800311)
- Default Severity
- WARNING
- Log Message
- DNS query returned no records for remote endpoint <endpoint>.
- Explanation
- Configured remote endpoint DNS does not have any IP addresses.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- endpoint, ipsectunnel
2.36.42. remote_endpoint_ip_added (ID: 01800313)
- Default Severity
- INFORMATIONAL
- Log Message
- Resolved remote-endpoint <endpoint> to IP <ip> for IPsec tunnel <ipsectunnel>.
- Explanation
- A new remote endpoint IP was added to IPsec tunnel.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- endpoint, ipsectunnel, ip, TTL, TTR
2.36.43. failed_to_add_rules (ID: 01800314)
- Default Severity
- ERROR
- Log Message
- Failed to commit rules after remote endpoint <endpoint> have been resolved by DNS for IPsec tunnel: <ipsectunnel>
- Explanation
- Failed to add rules to the tunnel after the remote endpoint has been resolved by DNS.
- Firewall Action
- IPsec_tunnel_disabled
- Recommended Action
- None
- Revision
- 2
- Parameters
- endpoint, ipsectunnel
2.36.44. no_policymanager (ID: 01800316)
- Default Severity
- CRITICAL
- Log Message
- No policymanager!! to free tunnel object from
- Explanation
- No policymanager to free tunnel from!!! IPsec does not work properly.
- Firewall Action
- ipsec_out_of_work
- Recommended Action
- Restart.
- Revision
- 1
2.36.45. peer_is_dead (ID: 01800317)
- Default Severity
- INFORMATIONAL
- Log Message
- Peer <peer> has been detected dead
- Explanation
- A remote peer has been detected as dead. This will cause all tunnels associated with the peer to be taken down.
- Firewall Action
- IPsec_tunnel_disabled
- Recommended Action
- None
- Revision
- 1
- Parameters
- peer
2.36.46. failed_to_set_dpd_cb (ID: 01800318)
- Default Severity
- ERROR
- Log Message
- Failed to set callback for Dead Peer Detection
- Explanation
- Failed to set callback for Dead Peer Detection. The user will not receive a log message when a peer has been detected dead and the tunnel has been killed.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.47. failed_to_add_certificate (ID: 01800319)
- Default Severity
- ERROR
- Log Message
- Failed with error: <status_msg>, message <answermsg>, when adding certificate: <certificate>
- Explanation
- Failed to add endpoint certificate to external key provider.
- Firewall Action
- certificate_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- status_msg, answermsg, certificate
2.36.48. failed_to_remove_key_provider (ID: 01800320)
- Default Severity
- CRITICAL
- Log Message
- Try to read out external keyporvider object when no policymanager object avaliable!!
- Explanation
- Attempted to read out the external key provider object when no policymanager object was available.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.49. failed_to_add_key_provider (ID: 01800321)
- Default Severity
- CRITICAL
- Log Message
- Failed with error: <status_msg>, when adding external key provider for certificate handling
- Explanation
- Failed to add external key provider. All certificate authentication will be disabled.
- Firewall Action
- IPsec_disabled
- Recommended Action
- Restart.
- Revision
- 1
- Parameters
- status_msg
2.36.50. failed_to_add_certificate (ID: 01800322)
- Default Severity
- ERROR
- Log Message
- Failed add certificate: <certificate>, for tunnel <tunnel>
- Explanation
- Failed to add certificate. Tunnels configured with this certificate for authentication will fail during negotiation.
- Firewall Action
- certificate_disabled
- Recommended Action
- None
- Revision
- 1
- Parameters
- certificate, tunnel
2.36.51. remote_endpoint_ip_removed (ID: 01800327)
- Default Severity
- INFORMATIONAL
- Log Message
- Remote endpoint <endpoint> IP <ip> was removed from IPsec tunnel <ipsectunnel>.
- Explanation
- Remote endpoint IP was removed from DNS cache.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- endpoint, ipsectunnel, ip
2.36.52. Failed_to_set_Remote_ID (ID: 01800332)
- Default Severity
- ERROR
- Log Message
- Failed to configure Remote ID <remote_id> for tunnel <tunnel>
- Explanation
- Failed to configure tunnel with specified remote id.
- Firewall Action
- RemoteID_disabled
- Recommended Action
- None
- Revision
- 1
- Parameters
- remote_id, tunnel
2.36.53. failed_to_set_certificate_trust (ID: 01800342)
- Default Severity
- ERROR
- Log Message
- Failed set trust for host certificate <certificate> for tunnel <tunnel>
- Explanation
- Failed to set trust for the specified host certificate.
- Firewall Action
- certificate_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- certificate, tunnel
2.36.54. failed_to_set_crl_distribution_points (ID: 01800343)
- Default Severity
- ERROR
- Log Message
- Failed set CRL distribution points for certificate: <certificate>
- Explanation
- Failed to set CRL distribution points for the specified certificate.
- Firewall Action
- certificate_disabled
- Recommended Action
- None
- Revision
- 1
- Parameters
- certificate
2.36.55. dns_cache_removed (ID: 01800344)
- Default Severity
- WARNING
- Log Message
- Remote endpoint <endpoint> was removed from DNS cache.
- Explanation
- All IP addresses are removed from the DNS cache subsystem for this endpoint.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- endpoint, ipsectunnel
2.36.56. ippool_does_not_exist (ID: 01800400)
- Default Severity
- WARNING
- Log Message
- IP pool does not exist: <ippool>
- Explanation
- The config mode pool refers to an IP pool that does not exist. As a result, IPsec clients using config mode will not be able to lease IP addresses.
- Firewall Action
- None
- Recommended Action
- Update your config mode configuration.
- Revision
- 1
- Parameters
- ippool
2.36.57. cfgmode_ip_allocated (ID: 01800401)
- Default Severity
- NOTICE
- Log Message
- Allocated IP <ip> for use in IKE config mode
- Explanation
- A dynamically allocated IP was allocated for use with IKE config.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 2
- Parameters
- ip, num_dhcp, num_dns, num_wins, num_subnets
2.36.58. cfgmode_ip_freed_by_ippool (ID: 01800402)
- Default Severity
- NOTICE
- Log Message
- Returned a dynamic cfg mode IP <ip> to the IP pool
- Explanation
- A dynamically allocated IP used for IKE cfg mode was returned to the IP pool.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ip
2.36.59. cfgmode_ip_freed_by_ike (ID: 01800403)
- Default Severity
- NOTICE
- Log Message
- Freed IP <ip> from use in IKE config mode
- Explanation
- A dynamically allocated IP was freed from use with IKE config.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 2
- Parameters
- ip
2.36.60. cfgmode_no_context (ID: 01800404)
- Default Severity
- ALERT
- Log Message
- No IP pool context could be allocated; out of memory.
- Explanation
- An attempt to allocate an IP pool context failed because the system ran out of memory.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ippool
2.36.61. cfgmode_no_ip_fetched (ID: 01800405)
- Default Severity
- WARNING
- Log Message
- No IP address fetched from IP pool (<ippool>)
- Explanation
- No IP address could be fetched from the IP pool.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ippool
2.36.62. cfgmode_no_ip_data_acquired (ID: 01800406)
- Default Severity
- WARNING
- Log Message
- No IP address data acquired from IP pool (<ippool>)
- Explanation
- No IP address data could be acquired from the IP pool.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ippool
2.36.63. cfgmode_failed_to_add_ip (ID: 01800407)
- Default Severity
- WARNING
- Log Message
- Failed to add IP to address table
- Explanation
- The IP address could not be added to the internal address table (probably because the system ran out of memory).
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ippool
2.36.64. recieved_packet_to_disabled_IPsec (ID: 01800500)
- Default Severity
- NOTICE
- Log Message
- received plaintext packet disabled IPsec. Packet will be dropped
- Explanation
- Received plain text packet to IPsec while disabled.
- Firewall Action
- packet_will_be_dropped
- Recommended Action
- None
- Revision
- 2
2.36.65. recieved_packet_to_disabled_IPsec (ID: 01800501)
- Default Severity
- NOTICE
- Log Message
- Received plain text packet to IPsec while shutting down. Packet will be dropped
- Explanation
- Received plain text packet to IPsec while shutting down.
- Firewall Action
- packet_will_be_dropped
- Recommended Action
- None
- Revision
- 1
2.36.66. Recieved_plaintext_packet_for_disabled_IPsec_interface (ID: 01800502)
- Default Severity
- WARNING
- Log Message
- IPsec tunnel <ipsec_connection> is disabled. Packet will be dropped
- Explanation
- A packet was dropped due to the IPsec interface being disabled.
- Firewall Action
- packet_will_be_dropped
- Recommended Action
- This is usually a consequence of low memory or a bad configuration. Look for previous log messages to find the cause for the interface being disabled.
- Revision
- 1
- Parameters
- ipsec_connection
2.36.67. no_remote_gateway (ID: 01800503)
- Default Severity
- ERROR
- Log Message
- Remote gateway is null. No route is possible
- Explanation
- No remote gateway for packet, i.e. no route defined.
- Firewall Action
- packet_will_be_dropped
- Recommended Action
- None
- Revision
- 1
2.36.68. no_route (ID: 01800504)
- Default Severity
- ERROR
- Log Message
- Failed to lookup route. No route for packet.
- Explanation
- No remote gateway for packet, i.e. no route defined.
- Firewall Action
- packet_will_be_dropped
- Recommended Action
- None
- Revision
- 1
2.36.69. ipsec_interface_disabled (ID: 01800506)
- Default Severity
- ERROR
- Log Message
- IPsec interface disabled
- Explanation
- IPsec interface disabled.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.70. no_route (ID: 01800507)
- Default Severity
- WARNING
- Log Message
- Failed to lookup route. No route for packet to remote gateway: <remote_ip>
- Explanation
- No remote gateway for packet, i.e. no route defined.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipsec_if, table, remote_ip
2.36.71. no_userauth_specified_for_eap (ID: 01800600)
- Default Severity
- ERROR
- Log Message
- No EAP userauth rule found for eap authentication with remote ike peer: <srcif> <remote_peer>
- Explanation
- No user authentication rule available for EAP authentication.
- Firewall Action
- eap_protocols_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 2
- Parameters
- remote_peer, srcif
2.36.72. no_radius_server_configured_for_eap (ID: 01800601)
- Default Severity
- ERROR
- Log Message
- No RADIUS server configured for EAP!
- Explanation
- No RADIUS server configured for EAP!.
- Firewall Action
- eap_authentication_will_fail
- Recommended Action
- Reconfigure.
- Revision
- 1
2.36.73. insufficient_resources_for_eap (ID: 01800602)
- Default Severity
- ERROR
- Log Message
- Insufficient resources for EAP protocol
- Explanation
- Insufficient resources for EAP protocol.
- Firewall Action
- eap_authentication_will_fail
- Recommended Action
- None
- Revision
- 1
2.36.74. unknown_type_of_eap (ID: 01800603)
- Default Severity
- ERROR
- Log Message
- Unknown type of EAP protocol
- Explanation
- Type of EAP authentication protocol unknown. EAP protocol not accepted.
- Firewall Action
- eap_authentication_will_fail
- Recommended Action
- None
- Revision
- 1
2.36.75. unknown_eap_status (ID: 01800604)
- Default Severity
- ERROR
- Log Message
- Failed to add EAP-SIM as eap protocol
- Explanation
- Failed to add EAP-SIM as accepted EAP protocol.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.76. eap_but_not_passthrough (ID: 01800605)
- Default Severity
- INFORMATIONAL
- Log Message
- Radius and EAP enabled, but PASS THROUGH is not set as authentication method
- Explanation
- Radius and EAP enabled, but PASS THROUGH is not set as authentication method.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.77. eap_not_supported (ID: 01800606)
- Default Severity
- ERROR
- Log Message
- No support for EAP/RADIUS: no EAP protocols can be enabled
- Explanation
- The CORE software does not support EAP/RADIUS, i.e. no EAP protocols can be enabled.
- Firewall Action
- eap_authentication_will_fail
- Recommended Action
- None
- Revision
- 1
2.36.78. can_not_add_eap_auth_type (ID: 01800607)
- Default Severity
- INFORMATIONAL
- Log Message
- Can't add EAP authentication: insufficient information
- Explanation
- Can't add EAP authentication: insufficient information.
- Firewall Action
- continue_with_next_eap_userauth_rule
- Recommended Action
- None
- Revision
- 1
2.36.79. eap_disabled (ID: 01800608)
- Default Severity
- NOTICE
- Log Message
- EAP is not set as authentication method
- Explanation
- EAP is not set as authentication method for phase 1.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.80. no_eap_identity (ID: 01800609)
- Default Severity
- ERROR
- Log Message
- Failed to get EAP identity for tunnel <tunnelname>
- Explanation
- Failed to get EAP identity.
- Firewall Action
- eap_authentication_will_fail
- Recommended Action
- None
- Revision
- 1
- Parameters
- tunnelname
2.36.81. eap_disabled (ID: 01800610)
- Default Severity
- ERROR
- Log Message
- No EAP secret for tunnel <tunnelname>
- Explanation
- No stored EAP secret for tunnel.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- tunnelname
2.36.82. no_eapstate (ID: 01800611)
- Default Severity
- ERROR
- Log Message
- Eapstate/Phase1 not available
- Explanation
- No Eapstate/Phase1 to get EAP identity from.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.83. IDi_used_as_eap_id (ID: 01800612)
- Default Severity
- INFORMATIONAL
- Log Message
- IKEv2 IDi will be used as EAP identity
- Explanation
- IKEv2 IDi will be used as EAP identity.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.84. no_eap_identity (ID: 01800613)
- Default Severity
- ERROR
- Log Message
- No EAP identity established
- Explanation
- No EAP identity established.
- Firewall Action
- eap_authentication_will_fail
- Recommended Action
- None
- Revision
- 1
2.36.85. no_userauth_specified_for_xauth (ID: 01800614)
- Default Severity
- ERROR
- Log Message
- No XAuth userauth rule found for eap authentication with remote ike peer: <srcif> <remote_peer>
- Explanation
- No user authentication rule available for XAuth authentication.
- Firewall Action
- xauth_protocols_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- remote_peer, srcif
2.36.86. attach_of_eap_radius_server_failed (ID: 01800630)
- Default Severity
- INFORMATIONAL
- Log Message
- Failed to attach up EAP RADIUS server. Internal error code: <error>
- Explanation
- Failed to attach EAP RADIUS server.
- Firewall Action
- radius_server_not_attached
- Recommended Action
- None
- Revision
- 1
- Parameters
- error
2.36.87. no_eap_identity_or_radius_username (ID: 01800631)
- Default Severity
- ERROR
- Log Message
- We did not get any EAP identity/ RADIUS username
- Explanation
- We did not get any EAP identity/ RADIUS username.
- Firewall Action
- continue_radius_message
- Recommended Action
- None
- Revision
- 1
2.36.88. radius_timeout (ID: 01800633)
- Default Severity
- ERROR
- Log Message
- Timeout/internal error received from RADIUS server
- Explanation
- Timeout/internal error received from RADIUS server.
- Firewall Action
- radius_communication_disabled
- Recommended Action
- None
- Revision
- 1
2.36.89. radius_reject (ID: 01800634)
- Default Severity
- ERROR
- Log Message
- Radius Access Reject received from RADIUS server
- Explanation
- Radius Access Reject received from RADIUS server.
- Firewall Action
- radius_communication_disabled
- Recommended Action
- None
- Revision
- 1
2.36.90. radius_access_accept (ID: 01800635)
- Default Severity
- INFORMATIONAL
- Log Message
- Radius Access Accept received from RADIUS server
- Explanation
- Radius Access Accept received from RADIUS server.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.91. outofmem_forward_eap_packet (ID: 01800636)
- Default Severity
- ERROR
- Log Message
- Cannot create EAP packet to be sent to client
- Explanation
- Out of memory. Cannot create EAP packet to be sent to client.
- Firewall Action
- eap_packet_dropped
- Recommended Action
- None
- Revision
- 1
2.36.92. eap_packet_discarded (ID: 01800637)
- Default Severity
- ERROR
- Log Message
- Inavlid EAP packet detected
- Explanation
- Length less than 4 indicates that the EAP packet was invalid.
- Firewall Action
- eap_packet_discarded
- Recommended Action
- None
- Revision
- 1
2.36.93. outofmem_forward_eap_packet (ID: 01800638)
- Default Severity
- ERROR
- Log Message
- Dropping EAP packet from RADIUS server due to internal error
- Explanation
- Dropping EAP packet from RADIUS server due to internal error. Radius_GetEAPRequest returns inconsistent values: requested length=[length], actual length=[actuallen].
- Firewall Action
- eap_packet_dropped
- Recommended Action
- None
- Revision
- 1
- Parameters
- length, actuallen
2.36.94. outofmem_forward_eap_packet (ID: 01800639)
- Default Severity
- ERROR
- Log Message
- Out of memory. Unable to create RADIUS request
- Explanation
- Out of memory. Unable to create RADIUS request.
- Firewall Action
- eap_packet_dropped
- Recommended Action
- None
- Revision
- 1
2.36.95. failed_to_send_eap_id_response_to_radius (ID: 01800640)
- Default Severity
- ERROR
- Log Message
- Failed to send the EAP identity response to the RADIUS server
- Explanation
- Failed to send the EAP identity response to the RADIUS server.
- Firewall Action
- eap_packet_dropped
- Recommended Action
- None
- Revision
- 1
2.36.96. no_imsi (ID: 01800641)
- Default Severity
- WARNING
- Log Message
- User IMSI could not be extracted
- Explanation
- No IMSI could be extracted from the user identity (IDi) or fetched from the RADIUS server.
- Firewall Action
- disallowed_login
- Recommended Action
- None
- Revision
- 1
2.36.97. maximum_allowed_tunnels_limit_reached (ID: 01800900)
- Default Severity
- WARNING
- Log Message
- Negotiation aborted due to license restrictions. Reached maximum of <allowed_tunnels> active IPsec tunnels
- Explanation
- More tunnels and/or unique peers than the license allows are trying to establish.
- Firewall Action
- negotiation_aborted
- Recommended Action
- None
- Revision
- 2
- Parameters
- allowed_tunnels
2.36.98. ipsec_sa_destroy_peer_imsi (ID: 01800902)
- Default Severity
- INFORMATIONAL
- Log Message
- IPsec SA destroyed: peer <peer> | IMSI <imsi>
- Explanation
- Reports the remote peer and IMSI of the destroyed child SA.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- peer
imsi
2.36.99. ipsec_sa_peer_imsi (ID: 01800903)
- Default Severity
- INFORMATIONAL
- Log Message
- Child SA established with peer <peer> using IMSI <imsi>
- Explanation
- Reports the remote peer and IMSI used to establish the child SA.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- imsi
peer
2.36.100. ike_sa_rekeyed (ID: 01800905)
- Default Severity
- INFORMATIONAL
- Log Message
- IKE SA rekeyed, Local IKE peer: <local_ip>:<local_port> <local_id>, Remote IKE peer: <remote_iface>:<remote_ip>:<remote_port> <remote_id>.
- Explanation
- An IKE SA rekeyed successfully.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 3
- Parameters
- ipsec_if
local_ip
local_port
remote_iface
remote_ip
remote_port
local_id
remote_id
local_ike_spi
remote_ike_spi
initiator
algorithms
lifetime
local_behind_nat
remote_behind_nat
2.36.101. ike_sa_deleted (ID: 01800906)
- Default Severity
- INFORMATIONAL
- Log Message
- IKE SA deleted, Local IKE peer: <local_ip>:<local_port> <local_id>, Remote IKE peer: <remote_iface>:<remote_ip>:<remote_port> <remote_id>.
- Explanation
- An IKE SA was deleted.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 3
- Parameters
- ipsec_if
local_ip
local_port
remote_iface
remote_ip
remote_port
local_id
remote_id
local_ike_spi
remote_ike_spi
peer_dead
2.36.102. ipsec_sa_created (ID: 01800907)
- Default Severity
- INFORMATIONAL
- Log Message
- IPsec SA created, Source IP: <local_ip>, Destination IP: <remote_ip>, Inbound SPI: <esp_spi_in> Outbound: <esp_spi_out>.
- Explanation
- An IPsec SA was successfully created.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 3
- Parameters
- ipsec_if
local_ip
remote_ip
cfgmode_ip
esp_spi_in
esp_spi_out
ike_spi_i
ike_spi_r
esp_cipher
esp_cipher_keysize
esp_mac
esp_mac_keysize
life_seconds
life_kilobytes
dh_group
dh_bits
local_ts
remote_ts
imsi
2.36.103. ipsec_sa_rekeyed (ID: 01800908)
- Default Severity
- INFORMATIONAL
- Log Message
- IPsec SA rekeyed, Source IP: <local_ip>, Destination IP: <remote_ip>, Inbound SPI: <esp_spi_in>, Outbound SPI: <esp_spi_out>).
- Explanation
- An IPsec SA rekeyed successfully.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 3
- Parameters
- ipsec_if
local_ip
remote_ip
cfgmode_ip
esp_spi_in
esp_spi_out
old_spi
ike_spi_i
ike_spi_r
esp_cipher
esp_cipher_keysize
esp_mac
esp_mac_keysize
life_seconds
life_kilobytes
initiator
dh_group
dh_bits
local_ts
remote_ts
imsi
2.36.104. ipsec_sa_deleted (ID: 01800909)
- Default Severity
- INFORMATIONAL
- Log Message
- IPsec SA deleted, Inbound SPI: <esp_spi_in>, Outbound SPI: <esp_spi_out>).
- Explanation
- An IPsec SA was deleted.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 2
- Parameters
- ipsec_if
esp_spi_in
esp_spi_out
2.36.105. ipsec_sa_keys (ID: 01800910)
- Default Severity
- INFORMATIONAL
- Log Message
- IPsec SA keys, Inbound SPI: <esp_spi_in>, Outbound SPI: <esp_spi_out>.
- Explanation
- Encryption and authentication keys for an IPsec SA.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipsec_if
esp_spi_in
cipher_key_in
mac_key_in
esp_spi_out
cipher_key_out
mac_key_out
2.36.106. out_of_memory (ID: 01801100)
- Default Severity
- ALERT
- Log Message
- Out of memory while trying to report a connection to the UNC.
- Explanation
- System ran out of memory while allocating packet data.
- Firewall Action
- scip_connection_report_not_sent
- Recommended Action
- None
- Revision
- 1
2.36.107. out_of_memory (ID: 01801101)
- Default Severity
- ALERT
- Log Message
- Out of memory while trying to report load to the UNC.
- Explanation
- System ran out of memory while allocating packet data.
- Firewall Action
- scip_load_report_not_sent
- Recommended Action
- None
- Revision
- 1
2.36.108. out_of_memory (ID: 01801102)
- Default Severity
- ALERT
- Log Message
- Out of memory while allocating client context.
- Explanation
- System ran out of memory while allocating client context.
- Firewall Action
- scip_disabled_for_client
- Recommended Action
- None
- Revision
- 1
2.36.109. connected (ID: 01801104)
- Default Severity
- NOTICE
- Log Message
- SCIP connection established with <scip_server> on port <server_port>.
- Explanation
- A SCIP connection was established.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- scip_server
server_port
2.36.110. disconnected (ID: 01801105)
- Default Severity
- NOTICE
- Log Message
- SCIP connection with <scip_server> on port <scip_port> closed.
- Explanation
- A SCIP connection was closed.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- scip_server
scip_port
2.36.111. send_to_closed_scip_connection (ID: 01801106)
- Default Severity
- NOTICE
- Log Message
- SCIP-packet dropped while trying to sen to a closed SCIP connection.
- Explanation
- SCIP-packet dropped while trying to send to a closed SCIP connection.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 2
2.36.112. send_failed_no_free_socket (ID: 01801107)
- Default Severity
- WARNING
- Log Message
- No more SCIP sockets available. Could not connect to address <ipaddress>:<port>.
- Explanation
- SCIP-packet dropped. Out of sockets. No new connection could be set up.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddress
port
2.36.113. trigger_non_ip_packet (ID: 01802001)
- Default Severity
- WARNING
- Log Message
- Trigger for non-IP packet of protocol <proto>. Dropping request for policy
- Explanation
- Trigger for non IP packet, dropping request.
- Firewall Action
- dropping_request
- Recommended Action
- None
- Revision
- 1
- Parameters
- proto
2.36.114. rule_not_active (ID: 01802002)
- Default Severity
- WARNING
- Log Message
- The rule is not in the active configuration. Dropping request for policy
- Explanation
- The rule is not in the active configuration, dropping request.
- Firewall Action
- dropping_request
- Recommended Action
- None
- Revision
- 1
2.36.115. malformed_packet (ID: 01802003)
- Default Severity
- WARNING
- Log Message
- Malformed packet for trigger.Dropping request for policy
- Explanation
- Malformed packet for trigger, dropping request.
- Firewall Action
- dropping_request
- Recommended Action
- None
- Revision
- 1
2.36.116. max_ipsec_sa_negotiations_reached (ID: 01802004)
- Default Severity
- WARNING
- Log Message
- The maximum number of active Quick-Mode negotiations reached. Rekey not done.
- Explanation
- Maximum number of active Quick-Mode negotiations reached.
- Firewall Action
- rekey_not_done
- Recommended Action
- None
- Revision
- 1
2.36.117. run_out_of_ike_sa (ID: 01802010)
- Default Severity
- WARNING
- Log Message
- Running out of IKE SAs (<num_p1_negs_active> concurrent IKE negotiations). Dropped new IKE SA request from <ikestr>
- Explanation
- Running out of IKE SAs; dropping new IKE SA request.
- Firewall Action
- drop_new_ike_sa_request
- Recommended Action
- None
- Revision
- 1
- Parameters
- num_p1_negs_active
ikestr
2.36.118. PSK_length_invalid (ID: 01802012)
- Default Severity
- INFORMATIONAL
- Log Message
- Remote identity specifies PSK that is not usable for selected IKE SA MAC algorithm (xcbcmac-aes)
- Explanation
- PSK key length invalid for xcbcmac-aes (restricted to 16 chars).
- Firewall Action
- authentication_failed
- Recommended Action
- Reconfigure_VPN.
- Revision
- 1
- Parameters
- maxtunnels
2.36.119. ike_sa_rekey_failed (ID: 01802020)
- Default Severity
- WARNING
- Log Message
- Rekey of IKE sa failed: <statusmsg> (<status>), Local IKE peer: <local_peer>, Remote IKE peer: <remote_peer>, Initiator SPI: <spi_i>, Responder SPI: <spi_r>.
- Explanation
- Rekey of IKE SA failed.
- Firewall Action
- no_new_ike_sa
- Recommended Action
- None
- Revision
- 3
- Parameters
- statusmsg
status
local_peer
remote_peer
spi_i
spi_r
old_spi_i
old_spi_r
initiator
2.36.120. ike_sa_statistics (ID: 01802021)
- Default Severity
- INFORMATIONAL
- Log Message
- IKE SA negotiations: <done> done, <success> successful, <failed> failed
- Explanation
- IKE SA statistics.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- done
success
failed
2.36.121. ike_sa_failed (ID: 01802022)
- Default Severity
- WARNING
- Log Message
- IKE SA negotiation failed: <statusmsg> <reason>, Local IKE peer: <local_peer>, Remote IKE peer: <remote_peer>, Initiator SPI: <spi_i>, Responder SPI: <spi_r>.
- Explanation
- Negotiation of IKE SA failed.
- Firewall Action
- no_ike_sa
- Recommended Action
- None
- Revision
- 6
- Parameters
- statusmsg
reason
local_peer
remote_peer
spi_i
spi_r
initiator
ipsec_if
2.36.122. ike_sa_statistics (ID: 01802023)
- Default Severity
- INFORMATIONAL
- Log Message
- IKE SA negotiations: <done> done, <success> successful, <failed> failed
- Explanation
- IKE SA statistics.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- done
success
failed
2.36.123. ipsec_sa_failed (ID: 01802049)
- Default Severity
- INFORMATIONAL
- Log Message
- IPsec SA negotiation failed: <statusmsg> <reason> Local IKE peer: <local_peer> Remote IKE peer: <remote_peer> Initiator SPI: <ike_spi_i> Responder SPI: <ike_spi_r>.
- Explanation
- IPsec SA negotiation failed.
- Firewall Action
- ipsec_sa_disabled
- Recommended Action
- None
- Revision
- 2
- Parameters
- statusmsg
reason
local_peer
remote_peer
ike_spi_i
ike_spi_r
2.36.124. nat_mapping_changed_ike (ID: 01802050)
- Default Severity
- INFORMATIONAL
- Log Message
- NAT mapping changed, Local endpoint: <local_endpoint>, Remote endpoint: <remote_endpoint>, Initiator SPI: <ike_spi_i>, Responder SPI: <ike_spi_r>, IP address: <ip_addr> New port: <port>.
- Explanation
- NAT mappings changed for an IKE SA.
- Firewall Action
- updating_ike_sa
- Recommended Action
- None
- Revision
- 2
- Parameters
- local_endpoint
remote_endpoint
ike_spi_i
ike_spi_r
ip_addr
port
2.36.125. nat_mapping_change_not_allowed (ID: 01802051)
- Default Severity
- INFORMATIONAL
- Log Message
- NAT mapping change not allowed, Local endpoint: <local_endpoint>, Remote endpoint: <remote_endpoint>, Initiator SPI: <ike_spi_i>, Responder SPI: <ike_spi_r>, New IP address: <ip_addr> New port: <port>.
- Explanation
- NAT mappings changed for an IKE SA.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 2
- Parameters
- local_endpoint
remote_endpoint
ike_spi_i
ike_spi_r
ip_addr
port
2.36.126. ipsec_sa_negotiation_aborted (ID: 01802060)
- Default Severity
- ERROR
- Log Message
- IPsec SA Negotiation aborted: AH can not be initiated with NAT-T
- Explanation
- Negotiation aborted since AH can not be initiated with NAT-T.
- Firewall Action
- ipsec_sa_negotiation_aborted
- Recommended Action
- None
- Revision
- 1
2.36.127. could_not_narrow_traffic_selectors (ID: 01802061)
- Default Severity
- ERROR
- Log Message
- Could not narrow traffic selectors SA from policy rule
- Explanation
- Failed to narrow configured traffic selectors.
- Firewall Action
- ipsec_sa_negotiation_aborted
- Recommended Action
- Reconfigure_VPN.
- Revision
- 1
2.36.128. failed_to_narrow_traffic_selectors (ID: 01802062)
- Default Severity
- ERROR
- Log Message
- Failed to narrow traffic selectors SA remote access clients
- Explanation
- Failed to narrow traffic selector for config mode client.
- Firewall Action
- ipsec_sa_negotiation_aborted
- Recommended Action
- None
- Revision
- 2
2.36.129. malformed_remote_id_configured (ID: 01802070)
- Default Severity
- ERROR
- Log Message
- Malformed Remote IKE identity <remoteid> configured for tunnel
- Explanation
- Malformed remote identity for PSK specified in configuration.
- Firewall Action
- VPN_tunnel_invalid
- Recommended Action
- Reconfigure_remote_id.
- Revision
- 1
- Parameters
- remoteid
2.36.130. malformed_psk_configured (ID: 01802071)
- Default Severity
- ERROR
- Log Message
- Malformed IKE secret (PSK) configured for tunnel
- Explanation
- Malformed IKE secret specified in configuration.
- Firewall Action
- VPN_tunnel_invalid
- Recommended Action
- Reconfigure_PSK.
- Revision
- 1
2.36.131. nat_mapping_changed_ipsec (ID: 01802080)
- Default Severity
- INFORMATIONAL
- Log Message
- NAT mapping changed, Local endpoint: <local_endpoint>, Remote endpoint: <remote_endpoint>, New port: <port>, SPI: <esp_spi_in>.
- Explanation
- NAT mappings changed for an IPsec SA.
- Firewall Action
- updating_ipsec_sa
- Recommended Action
- None
- Revision
- 1
- Parameters
- local_endpoint
remote_endpoint
port
esp_spi_in
2.36.132. no_authentication_method_specified (ID: 01802100)
- Default Severity
- ERROR
- Log Message
- Neither pre-shared keys nor CA certificates nor EAP are specified for a tunnel
- Explanation
- No authentication method is specified for the tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.133. invalid_authentication_algorithm_configured (ID: 01802101)
- Default Severity
- ERROR
- Log Message
- AES counter mode cannot be used without an authentication algorithm
- Explanation
- AES counter mode specified but no authentication algorithm specified for tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.134. no_key_method_configured_for tunnel (ID: 01802102)
- Default Severity
- ERROR
- Log Message
- Tunnel does not specify any keying method (IKE or manual)
- Explanation
- No keying method (IKE/manual) is configured for tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.135. invalid_configuration_of_force_open (ID: 01802103)
- Default Severity
- ERROR
- Log Message
- Auto-start rule specifies more than one traffic selector item and no IKE peer is specified
- Explanation
- Can not use Auto-start rule (force open) for roaming tunnels.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.136. invalid_configuration_of_force_open (ID: 01802104)
- Default Severity
- ERROR
- Log Message
- Auto-start rule does not specify single IP address or domain name for its remote peer
- Explanation
- Can not use Auto-start rule (force open) for roaming tunnels.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.137. invalid_rule_setting (ID: 01802105)
- Default Severity
- ERROR
- Log Message
- Both REJECT and PASS defined for a rule
- Explanation
- Can not specify both pass and reject for a rule.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.138. invalid_rule_setting (ID: 01802107)
- Default Severity
- ERROR
- Log Message
- To-tunnel specified for a REJECT rule
- Explanation
- To-tunnel can not be specified for REJECT rule.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.139. max_number_of_policy_rules_reached (ID: 01802110)
- Default Severity
- CRITICAL
- Log Message
- The maximum number of policy rules reached
- Explanation
- The maximum number of policy rules reached.
- Firewall Action
- VPN_configuration_disabled
- Recommended Action
- Review the advanced setting IPsecMaxRules.
- Revision
- 2
2.36.140. input_traffic_selector_corrupt (ID: 01802111)
- Default Severity
- ERROR
- Log Message
- Input traffic selector is corrupt. Cannot parse input traffic selector
- Explanation
- No authentication method is specified for the tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.141. input_traffic_selector_corrupt (ID: 01802112)
- Default Severity
- ERROR
- Log Message
- Input traffic selector contains more than the built in maximum number of items
- Explanation
- Input traffic selector contains more than the built in maximum number of items: IPSEC_MAX_RULE_TRAFFIC_SELECTORS_ITEMS.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.142. invalid_traffic_selectors (ID: 01802113)
- Default Severity
- ERROR
- Log Message
- Specified traffic selectors for the rule's are invalid
- Explanation
- Invalid traffic selectors are configured for tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 1
2.36.143. suspicious_outbound_rule (ID: 01802114)
- Default Severity
- ERROR
- Log Message
- Detected suspicious outbound IPsec rule without any selectors
- Explanation
- Detected suspicious outbound IPsec rule without any selectors specified.
- Firewall Action
- the_rule_might_not_work
- Recommended Action
- Reconfigure_IPsec.
- Revision
- 2
2.36.144. failed_to_add_rule_to_engine (ID: 01802115)
- Default Severity
- ERROR
- Log Message
- Failed to add rule to engine database
- Explanation
- Failed to add rule to engine database.
- Firewall Action
- tunnel_will_not_work_as_expected
- Recommended Action
- None
- Revision
- 1
2.36.145. no_algorithms_configured_for_tunnel (ID: 01802200)
- Default Severity
- ERROR
- Log Message
- ESP tunnel is missing encryption and authentication algorithms
- Explanation
- ESP tunnel [tunnel] not configured with encryption and authentication algorithms.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- tunnel
2.36.146. no_encryption_algorithm_configured_for_tunnel (ID: 01802201)
- Default Severity
- ERROR
- Log Message
- ESP tunnel <tunnel> is missing encryption algorithm. Null encryption algorithm must be specified if no encryption is required
- Explanation
- ESP tunnel not configured with any encryption algorithm, not even Null.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- tunnel
2.36.147. esp_null-null_configuration (ID: 01802202)
- Default Severity
- ERROR
- Log Message
- ESP NULL-NULL is proposed for this tunnel <tunnel>. This is forbidden by RFC 2406.
- Explanation
- Tunnel is configured with invalid algorithm: ESP NULL-NULL.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- tunnel
2.36.148. no_authentication_algorithm_specified (ID: 01802203)
- Default Severity
- ERROR
- Log Message
- No authentication algorithm configured for AH tunnel <tunnel>
- Explanation
- AH tunnel is configured without an authentication algorithm.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- tunnel
2.36.149. AH_not_supported (ID: 01802204)
- Default Severity
- ERROR
- Log Message
- AH configured but not supported
- Explanation
- Tunnel [tunnel] configured for AH, but AH is not supported.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- tunnel
2.36.150. invalid_cipher_keysize (ID: 01802205)
- Default Severity
- ERROR
- Log Message
- Configured max cipher key size <keysize> for tunnel <tunnel> is bigger than the built-in maximum <max>
- Explanation
- Tunnel configured with invalid key size for cipher.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- keysize
tunnel
max
2.36.151. invalid_mac_keysize (ID: 01802206)
- Default Severity
- ERROR
- Log Message
- Configured max MAC key size <keysize> is bigger for tunnel <tunnel> than the built-in maximum <max>
- Explanation
- Tunnel configured with invalid key size for cipher.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- keysize
tunnel
max
2.36.152. invalid_tunnel_configuration (ID: 01802207)
- Default Severity
- ERROR
- Log Message
- Misconfiguration for tunnel <tunnel> Anti-replay detection must be enabled when using 64 bit sequence numbers
- Explanation
- Anti-replay detection must be enabled when using 64 bit sequence numbers.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- tunnel
2.36.153. invalid_tunnel_configuration (ID: 01802208)
- Default Severity
- ERROR
- Log Message
- No IPsec transform (AH or ESP) specified for tunnel <tunnel>
- Explanation
- IPsec transform type must be specified for tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 2
- Parameters
- tunnel
2.36.154. invalid_tunnel_configuration (ID: 01802209)
- Default Severity
- ERROR
- Log Message
- Auto-start tunnel <tunnel> configured for `per-port' or `per-host' SA.
- Explanation
- `per-port' or `per-host' SA can not be specified for auto-start tunnels [tunnel].
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- tunnel
2.36.155. invalid_tunnel_configuration (ID: 01802210)
- Default Severity
- ERROR
- Log Message
- Both `auto-start' and `dont-initiate' specified for tunnel <tunnel>
- Explanation
- Both `auto-start' and `dont-initiate' can not be specified for a tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- tunnel
2.36.156. out_of_memory_for_tunnel (ID: 01802211)
- Default Severity
- ERROR
- Log Message
- Out of memory. Could not allocate memory for tunnel name! <tunnel>
- Explanation
- Out of memory. Could not allocate memory for tunnel name.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- None
- Revision
- 1
- Parameters
- tunnel
2.36.157. out_of_memory_for_tunnel (ID: 01802212)
- Default Severity
- ERROR
- Log Message
- Out of memory. Could not allocate memory tunnel <tunnel> endpoints
- Explanation
- Out of memory. Could not allocate memory for tunnel endpoints.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- None
- Revision
- 1
- Parameters
- tunnel
2.36.158. invalid_length_of_PSK_when_used_with_AES-XCBC_MAC (ID: 01802213)
- Default Severity
- ERROR
- Log Message
- Invalid length of local secret for tunnel when configured to use AES-XCBC Mac algorithm
- Explanation
- Local secret must be 16 octets long to be usable for AES-XCBC Mac algorithm.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 2
2.36.159. invalid_key_size (ID: 01802214)
- Default Severity
- ERROR
- Log Message
- Invalid key sizes specified for algorithms
- Explanation
- Invalid key sizes specified for algorithms.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 2
2.36.160. invalid_key_size (ID: 01802215)
- Default Severity
- ERROR
- Log Message
- Algorithm key sizes specified for unknown algorithm
- Explanation
- Algorithm key sizes specified for unknown algorithm.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 2
2.36.161. invalid_key_size (ID: 01802216)
- Default Severity
- ERROR
- Log Message
- Algorithm key sizes specified for unknown algorithm
- Explanation
- Algorithm key sizes specified for unknown algorithm.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 2
2.36.162. invalid_key_size (ID: 01802217)
- Default Severity
- ERROR
- Log Message
- Specified key size limits for cipher <alg> with fixed key size
- Explanation
- Configuration specifies key size limits for cipher with fixed key size.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 2
- Parameters
- alg
2.36.163. invalid_cipher_keysize (ID: 01802218)
- Default Severity
- ERROR
- Log Message
- Configured max cipher key size <keysize> is bigger than the built-in maximum <max>
- Explanation
- Tunnel configured with invalid key size for cipher.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- keysize
max
2.36.164. invalid_key_size (ID: 01802219)
- Default Severity
- ERROR
- Log Message
- Tunnel specified key size limits for mac <alg> with fixed key size
- Explanation
- Configuration specifies key size limits for cipher with fixed key size.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- alg
2.36.165. invalid_cipher_keysize (ID: 01802220)
- Default Severity
- ERROR
- Log Message
- Configured max MAC key size <keysize> is bigger than the built-in maximum <max>
- Explanation
- Tunnel configured with invalid key size for MAC.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_tunnel.
- Revision
- 1
- Parameters
- keysize
max
2.36.166. no_matching_tunnel_found (ID: 01802221)
- Default Severity
- ERROR
- Log Message
- No tunnel found matching the local address <localaddr> , remote address <remoteaddr> and source interface <srcif>
- Explanation
- No tunnel found matching the local address and remote address.
- Firewall Action
- packet_will_be_discarded
- Recommended Action
- None
- Revision
- 1
- Parameters
- localaddr
remoteaddr
srcif
2.36.167. no_tunnel_id_specified (ID: 01802222)
- Default Severity
- ERROR
- Log Message
- No tunnel identity specified for tunnel
- Explanation
- No tunnel identity specified in configuration.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_VPN.
- Revision
- 1
2.36.168. several_local_id_specified_for_tunnel (ID: 01802223)
- Default Severity
- ERROR
- Log Message
- More than one local id specified for tunnel
- Explanation
- Cannot add more than one local identity to a tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_VPN.
- Revision
- 1
2.36.169. several_local_id_specified_for_tunnel (ID: 01802224)
- Default Severity
- ERROR
- Log Message
- More than one remote id specified for tunnel
- Explanation
- Cannot add more than one remote identity to a tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_VPN.
- Revision
- 1
2.36.170. malformed_tunnel_id_configured (ID: 01802225)
- Default Severity
- ERROR
- Log Message
- Malformed identity <id> configured for tunnel
- Explanation
- Malformed identity specified in configuration.
- Firewall Action
- VPN_tunnel_invalid
- Recommended Action
- Reconfigure_remote_id.
- Revision
- 1
- Parameters
- id
2.36.171. several_secrets_specified_for_tunnel (ID: 01802226)
- Default Severity
- ERROR
- Log Message
- More than one secret specified for tunnel
- Explanation
- Cannot configure more than one secret for a tunnel.
- Firewall Action
- VPN_tunnel_disabled
- Recommended Action
- Reconfigure_VPN.
- Revision
- 1
2.36.172. malformed_psk_configured (ID: 01802228)
- Default Severity
- ERROR
- Log Message
- Malformed IKE secret (PSK) configured for tunnel
- Explanation
- Malformed IKE secret specified in configuration.
- Firewall Action
- VPN_tunnel_invalid
- Recommended Action
- Reconfigure_PSK.
- Revision
- 1
2.36.173. max_ike_sa_reached (ID: 01802400)
- Default Severity
- WARNING
- Log Message
- The maximum number of active IKE SAs reached
- Explanation
- Maximum number of active IKE SAs reached.
- Firewall Action
- negotiation_aborted
- Recommended Action
- Review your configuration or upgrade license.
- Revision
- 3
2.36.174. max_ike_rekeys_reached (ID: 01802401)
- Default Severity
- NOTICE
- Log Message
- The maximum number of active IKE rekeys reached
- Explanation
- Maximum number of active IKE rekeys reached.
- Firewall Action
- rekey_aborted
- Recommended Action
- None
- Revision
- 1
2.36.175. max_phase1_sa_reached (ID: 01802402)
- Default Severity
- NOTICE
- Log Message
- The maximum number of active Phase-1 negotiations reached
- Explanation
- Maximum number of active Phase-1 negotiations reached.
- Firewall Action
- negotiation_aborted
- Recommended Action
- None
- Revision
- 1
2.36.176. max_active_quickmode_negotiation_reached (ID: 01802403)
- Default Severity
- NOTICE
- Log Message
- The maximum number of active Quick-Mode negotiations reached
- Explanation
- Maximum number of active Quick-Mode negotiations reached.
- Firewall Action
- quick-mode_not_done
- Recommended Action
- None
- Revision
- 1
2.36.177. warning_level_active_ipsec_sas_reached (ID: 01802404)
- Default Severity
- WARNING
- Log Message
- The number of active IPsec SA:s reached 90%
- Explanation
- The number of active IPsec SAs reached 90%.
- Firewall Action
- ipsec_sa_created
- Recommended Action
- None
- Revision
- 1
2.36.178. warning_level_ike_sa_reached (ID: 01802405)
- Default Severity
- WARNING
- Log Message
- The number of active IKE SAs reached 90% of the maximum allowed
- Explanation
- The number of active IKE SAs reached 90% of the maximum allowed.
- Firewall Action
- negotiation_done
- Recommended Action
- None
- Revision
- 1
2.36.179. max_ipsec_sa_reached (ID: 01802406)
- Default Severity
- WARNING
- Log Message
- The maximum number of active IPsec SAs reached
- Explanation
- Maximum number of active IPsec SAs reached.
- Firewall Action
- negotiation_aborted
- Recommended Action
- Review your configuration or upgrade license.
- Revision
- 1
2.36.180. invalid_format_syslog_audit (ID: 01802500)
- Default Severity
- NOTICE
- Log Message
- Cannot use binary formatting for syslog auditing.
- Explanation
- Cannot use binary formatting for syslog auditing.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.181. cannot_create_audit_file_context (ID: 01802501)
- Default Severity
- NOTICE
- Log Message
- Cannot create audit file context. Filename for audit: <filename>
- Explanation
- Cannot create audit file context.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- filename
2.36.182. could_not_decode_certificate (ID: 01802600)
- Default Severity
- WARNING
- Log Message
- Could not decode Certificate to pem format. The certificate may be corrupted or it was given in unrecognized format.
- Explanation
- Could not decode certificate.
- Firewall Action
- certificate_invalid
- Recommended Action
- None
- Revision
- 1
2.36.183. could_not_convert_certificate (ID: 01802601)
- Default Severity
- WARNING
- Log Message
- Could not convert CMi certificate to X.509 certificate
- Explanation
- Could not convert CMi certificate to X.509 certificate.
- Firewall Action
- certificate_invalid
- Recommended Action
- None
- Revision
- 1
2.36.184. could_not_get_subject_nam_from_ca_cert (ID: 01802602)
- Default Severity
- WARNING
- Log Message
- Could not get subject name from a CA certificate. This certificate is not usable as an IPsec authenticator and is not inserted into loal list of trusted CAs
- Explanation
- Could not get subject name from a CA certificate.
- Firewall Action
- certificate_not_trusted
- Recommended Action
- None
- Revision
- 1
2.36.185. could_not_set_cert_to_non_CRL_issuer (ID: 01802603)
- Default Severity
- WARNING
- Log Message
- Could not set CA certificate to non-CRL issuer. This may cause authentication errors if valid CRLs are not available
- Explanation
- Could not set CA certificate to non-CRL issuer.
- Firewall Action
- certificate_not_usable_if_no_valid_CRLs
- Recommended Action
- None
- Revision
- 1
2.36.186. could_not_force_cert_to_be_trusted (ID: 01802604)
- Default Severity
- WARNING
- Log Message
- Could not force CA certificate as a point of trust
- Explanation
- Could not force CA certificate as a point of trust.
- Firewall Action
- certificate_disabled
- Recommended Action
- None
- Revision
- 1
2.36.187. could_not_trusted_set_for_cert (ID: 01802605)
- Default Severity
- WARNING
- Log Message
- Could not set the trusted set for a CA certificate
- Explanation
- Could not set the trusted set for a CA certificate.
- Firewall Action
- certificate_disabled
- Recommended Action
- None
- Revision
- 1
2.36.188. could_not_insert_cert_to_db (ID: 01802606)
- Default Severity
- ERROR
- Log Message
- Can not insert CA certificate into local database
- Explanation
- Can not insert CA certificate into local database.
- Firewall Action
- certificate_disabled
- Recommended Action
- None
- Revision
- 1
2.36.189. could_not_decode_certificate (ID: 01802607)
- Default Severity
- WARNING
- Log Message
- Could not decode Certificate to pem format. The certificate may be corrupted or it was given in unrecognized format.
- Explanation
- Could not decode certificate.
- Firewall Action
- certificate_invalid
- Recommended Action
- None
- Revision
- 1
2.36.190. could_not_lock_certificate (ID: 01802608)
- Default Severity
- WARNING
- Log Message
- Could not lock certificate in cache
- Explanation
- Could not lock certificate in cache.
- Firewall Action
- certificate_invalid
- Recommended Action
- None
- Revision
- 1
2.36.191. could_not_insert_cert_to_db (ID: 01802609)
- Default Severity
- ERROR
- Log Message
- Could not insert certificate into local database
- Explanation
- Could not insert certificate into local database.
- Firewall Action
- certificate_disabled
- Recommended Action
- None
- Revision
- 1
2.36.192. could_not_decode_crl (ID: 01802610)
- Default Severity
- WARNING
- Log Message
- Could not decode CRL. The certificate may be corrupted or it was given in unrecognized format. File format may be wrong
- Explanation
- Could not decode CRL.
- Firewall Action
- certificate_invalid
- Recommended Action
- None
- Revision
- 1
2.36.193. http_crl_failed (ID: 01802611)
- Default Severity
- ERROR
- Log Message
- Failed to get CRL over HTTP. <reason>
- Explanation
- CRL couldn't be fetched from the URL specified in the certificate.
- Firewall Action
- None
- Recommended Action
- Check your connectivity to the URL or disable CRL lookup on your certificates. Note that disabling the CRL lookup causes the gateway to accept certificates that may have been revoked by the certificate authority.
- Revision
- 1
- Parameters
- reason
url
2.36.194. Certificate_contains_bad_IP_address (ID: 01802705)
- Default Severity
- WARNING
- Log Message
- Certificate contains bad IP address: length=<len>
- Explanation
- Certificate contains bad IP address.
- Firewall Action
- try_next_certificate
- Recommended Action
- None
- Revision
- 1
- Parameters
- len
2.36.195. dn_name_as_subject_alt_name (ID: 01802706)
- Default Severity
- WARNING
- Log Message
- Directory names are not supported as subject alternative names. Skipping DN: <dn_name>
- Explanation
- Directory specified as subject alternative name.
- Firewall Action
- skip_dn_name
- Recommended Action
- None
- Revision
- 1
- Parameters
- dn_name
2.36.196. could_not_decode_certificate (ID: 01802707)
- Default Severity
- WARNING
- Log Message
- Could not decode Certificate to pem format. The certificate may be corrupted or it was given in unrecognized format.
- Explanation
- Could not decode certificate.
- Firewall Action
- certificate_invalid
- Recommended Action
- None
- Revision
- 1
2.36.197. cfgmode_exchange_event (ID: 01802709)
- Default Severity
- INFORMATIONAL
- Log Message
- Event occured for config mode <cfgmode> exchange: <msg>. Internal severity level: <int_severity>
- Explanation
- Config mode exchange event.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- cfgmode
msg
int_severity
2.36.198. remote_access_address (ID: 01802710)
- Default Severity
- INFORMATIONAL
- Log Message
- Addresses for remote access attributes: <ipaddr> expires time <time>
- Explanation
- Addresses for remote access attributes.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddr
time
2.36.199. remote_access_dns (ID: 01802711)
- Default Severity
- INFORMATIONAL
- Log Message
- DNS for remote access attributes: <dns_server>
- Explanation
- DNS for remote access attributes.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- dns_server
2.36.200. remote_access_wins (ID: 01802712)
- Default Severity
- INFORMATIONAL
- Log Message
- WINS for remote access attributes: <win>
- Explanation
- WINS for remote access attributes.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- win
2.36.201. remote_access_dhcp (ID: 01802713)
- Default Severity
- INFORMATIONAL
- Log Message
- DHCP for remote access attributes: <dhcp_s>
- Explanation
- DHCP remote access attributes.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- dhcp_s
2.36.202. remote_access_subnets (ID: 01802714)
- Default Severity
- INFORMATIONAL
- Log Message
- Subnets remote access attributes: <subnets>
- Explanation
- Subnets remote access attributes.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- subnets
2.36.203. event_on_ike_sa (ID: 01802715)
- Default Severity
- WARNING
- Log Message
- Event: <msg> occured for IKE SA: <side>. Internal severity level: <int_severity>
- Explanation
- Event occurred at IKE SA.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- side
msg
int_severity
2.36.204. ipsec_sa_selection_failed (ID: 01802717)
- Default Severity
- WARNING
- Log Message
- Selection of IPsec SA failed due to <reason>. Internal severity level: <int_severity>
- Explanation
- Failed to select an SA.
- Firewall Action
- no_ipsec_sa_selected
- Recommended Action
- None
- Revision
- 2
- Parameters
- reason
int_severity
2.36.205. crl_search_failed (ID: 01802719)
- Default Severity
- WARNING
- Log Message
- Certificate manager search failure: <reason>. Internal severity level: <int_severity>
- Explanation
- Search for a CRL failed. Certificate validation will continue as CRL checks are not enforced by the current configuration.
- Firewall Action
- continuing
- Recommended Action
- None
- Revision
- 1
- Parameters
- reason
int_severity
2.36.206. outofmem_create_policy_manager (ID: 01802800)
- Default Severity
- CRITICAL
- Log Message
- Failed to create Policy Manger
- Explanation
- Could not allocate memory for policymanager object.
- Firewall Action
- ipsec_disabled
- Recommended Action
- None
- Revision
- 1
2.36.207. ek_accelerator_disabled (ID: 01802801)
- Default Severity
- ERROR
- Log Message
- Failed to set external key accelerator
- Explanation
- Invalid type of external key accelerator defined.
- Firewall Action
- ipsec_disabled
- Recommended Action
- None
- Revision
- 1
2.36.208. ek_accelerator_disabled (ID: 01802802)
- Default Severity
- ERROR
- Log Message
- Failed to set init info to external key accelerator
- Explanation
- Invalid init info to external key accelerator.
- Firewall Action
- ipsec_disabled
- Recommended Action
- None
- Revision
- 1
2.36.209. outofmem_create_engine (ID: 01802901)
- Default Severity
- CRITICAL
- Log Message
- Failed to allocate memory for engine object
- Explanation
- Could not allocate memory for engine object.
- Firewall Action
- ipsec_disabled
- Recommended Action
- None
- Revision
- 1
2.36.210. failed_init_fastpath (ID: 01802902)
- Default Severity
- CRITICAL
- Log Message
- Failed to initialize fastpath
- Explanation
- Failed to initialize fastpath.
- Firewall Action
- ipsec_disabled
- Recommended Action
- None
- Revision
- 1
2.36.211. init_rulelooklup_failed (ID: 01802903)
- Default Severity
- CRITICAL
- Log Message
- Initialization of rule lookup failed
- Explanation
- Initialization of rule lookup failed.
- Firewall Action
- ipsec_disabled
- Recommended Action
- None
- Revision
- 1
2.36.212. init_rule_looklup_failed (ID: 01802904)
- Default Severity
- CRITICAL
- Log Message
- Allocating default drop rule failed!
- Explanation
- Allocating default drop rule failed.
- Firewall Action
- ipsec_disabled
- Recommended Action
- None
- Revision
- 1
2.36.213. init_rule_looklup_failed (ID: 01802905)
- Default Severity
- CRITICAL
- Log Message
- allocating default pass rule failed!
- Explanation
- Allocating default pass rule failed.
- Firewall Action
- ipsec_disabled
- Recommended Action
- None
- Revision
- 1
2.36.214. maximum_nr_of_ipsec_sa_per_ike_sa_reached (ID: 01803000)
- Default Severity
- ERROR
- Log Message
- Maximum number (<max_ipsec>) of allowed IPsec SAs per IKE SA reached by peer <peerip>
- Explanation
- Maximum number of allowed IPsec SA per IKE SA reached by peer.
- Firewall Action
- Discarding request and sending No Additional SAs response
- Recommended Action
- Discarding request and sending No Additional SAs response.
- Revision
- 1
- Parameters
- max_ipsec
peerip
2.36.215. ipsec_sa_per_ike_sa_limit_violated_too_many_times (ID: 01803001)
- Default Severity
- ERROR
- Log Message
- Maximum number of IPsec SAs limit has been violated too many times (<limit>)
- Explanation
- Maximum number of IPsec SAs limit has been violated too many times.
- Firewall Action
- Discarding request and deleting SA
- Recommended Action
- Discarding request and deleting SA.
- Revision
- 2
- Parameters
- limit
2.36.216. certificate_validation_check_failed (ID: 01803100)
- Default Severity
- WARNING
- Log Message
- Warning: Host certificate <certname> has expired <not_valid_after>
- Explanation
- Host certificate has expired.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- certname
not_valid_after
2.36.217. certificate_validation_check_warning (ID: 01803101)
- Default Severity
- WARNING
- Log Message
- Warning: Host certificate <certname> expires <not_valid_after>
- Explanation
- Host certificate expires within two days.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- certname
not_valid_after
2.36.218. audit_event (ID: 01803200)
- Default Severity
- INFORMATIONAL
- Log Message
- An audit event occured: <msg>. Internal severity level: <int_severity>
- Explanation
- An audit event occurred in the IPsec stack.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- msg
int_severity
2.36.219. failed_to_link_ike_and_userauth (ID: 01803300)
- Default Severity
- WARNING
- Log Message
- Failed to link IKE SA with userauth object. No userauth object were found for peer <peer> with IMSI <imsi>. The imported SA will be destroyed.
- Explanation
- Failed to link an imported IKE SA with a user authentication object.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 2
- Parameters
- peer
imsi
2.36.220. failed_to_find_userauthobject_for_ipsec_sa (ID: 01803302)
- Default Severity
- NOTICE
- Log Message
- No userauth object were found for IP <cfgmodeip> on iface <iface>. The IPsec SA will not be imported.
- Explanation
- Failed to find a userauth object when importing an IPsec SA. The IPsec SA will not be imported.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 2
- Parameters
- cfgmodeip
iface
2.36.221. modexp_accel_failed (ID: 01803400)
- Default Severity
- NOTICE
- Log Message
- Hardware acceleration of modexp calculation failed due to <msg>.
- Explanation
- The failed calculation will be made in software instead. Hardware acceleration can fail for valid reasons, such as a full request queue. Many of these log messages within a short timeframe could indicate issues with hardware acceleration.
- Firewall Action
- None
- Recommended Action
- Verify that the firewall is not in an overloaded state. If it is not overloaded and many of these log messages are generated, contact support and report this issue.
- Revision
- 2
- Parameters
- msg
2.36.222. eap_authentication_failed (ID: 01803500)
- Default Severity
- WARNING
- Log Message
- EAP Authentication failed (<errorcode>).
- Explanation
- Client failed EAP authentication.
- Firewall Action
- ike_negotiation_aborted
- Recommended Action
- None
- Revision
- 1
- Parameters
- errorcode
2.36.223. monitored_host_reachable (ID: 01803600)
- Default Severity
- INFORMATIONAL
- Log Message
- Monitored host <ip> is reachable over tunnel <tunnel>.
- Explanation
- Monitored host started to respond to ICMP ping.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- ip
tunnel
2.36.224. monitored_host_unreachable (ID: 01803601)
- Default Severity
- WARNING
- Log Message
- Monitored host <ip> didn't respond. Deleting all IKE and IPsec SAs for tunnel <tunnel>
- Explanation
- Monitored host didn't respond to ICMP ping. All IKE and IPsec SAs for the tunnel interface will be deleted, and traffic routed into the tunnel will trigger a new IKE negotiation against the remote peer.
- Firewall Action
- sas_deleted
- Recommended Action
- Check the connectivity of the monitored host.
- Revision
- 1
- Parameters
- ip
tunnel
2.36.225. failed_to_attach_radius (ID: 01803700)
- Default Severity
- WARNING
- Log Message
- Failed to attach RADIUS (<errorcode>) server in IKE negotiation for peer <peer_ip>:<peer_port>
- Explanation
- Failed to attach RADIUS server communication, IKE negotiation will fail.
- Firewall Action
- fail_ike_negotiation
- Recommended Action
- None
- Revision
- 1
- Parameters
- errorcode
peer_ip
peer_port
2.36.226. failed_to_attach_radius (ID: 01803701)
- Default Severity
- WARNING
- Log Message
- Failed to attach RADIUS (<errorcode>) server in IKE negotiation for peer <peer_ip>:<peer_port>
- Explanation
- Failed to attach RADIUS server communication, IKE negotiation will fail.
- Firewall Action
- fail_ike_negotiation
- Recommended Action
- None
- Revision
- 1
- Parameters
- errorcode
peer_ip
peer_port