Filter
Top Products
Appendix B Log Descriptions
ZyWALL USG 300 User’s Guide
673
App Patrol Name=%s
Type=%s %s=%d
Protocol=%s Action=%s
Packets logging. 1st %s: Protocol Name, 2nd %s: Category Name, 3rd
%s: Default Rule or Exception Rule, 1st %d: Rule Index, 4th %s: TCP
or UDP, 5th %s: Action.
App Patrol resources
ran out. User %s is
unrestricted by rule [
%s:%d ]. 1st %s: User
Name, 2nd %s: Protocol
Name, 1% %d: Rule
Index
The application patrol daemon (process) resource pool is full, current
login user %s is unrestricted by rule %d of protocol %s. 1st %s: User
Name, 1st %d: Rule Index, 2nd %s: Protocol Name.
Table 242 IKE Logs
LOG MESSAGE DESCRIPTION
%s:%s has not
announced DPD
capability
%s:%s is the peer IP:Port. Peer has not announced capability.
[COOKIE] Invalid
cookie, no sa found
Cannot find SA according to the cookie.
[DPD] No response from
"%s:%s using existing
Phase-1 SA in %u
seconds. Trying with
Phase-1 rekey.
%s:%s is the peer IP:Port. %u is the retry time. Dead Peer Detection
(DPD) detected no response from peer.
[HASH] : Tunnel [%s]
Phase 1 hash mismatch
%s is the tunnel name. When negotiating Phase-1, the exchange hash
did not match.
[HASH] : Tunnel [%s]
Phase 2 hash mismatch"
%s is the tunnel name. When negotiating Phase-2, the calculated quick
mode authentication hash did not match.
[ID] : Invalid ID
information
ID payload is not valid (in Phase-1 is local/peer ID, in Phase-2 is local/
remote policy).
[ID] : Tunnel [%s]
Local IP mismatch
%s is the tunnel name. When negotiating Phase-1, the local tunnel IP
did not match the My IP in VPN gateway.
[ID] : Tunnel [%s] My
IP mismatch
%s is the tunnel name. When negotiating Phase-1 and selecting
matched proposal, My IP Address could not be resolved.
[ID] : Tunnel [%s]
Phase 1 ID mismatch
%s is the tunnel name. When negotiating Phase-1, the peer ID did not
match.
[ID] : Tunnel [%s]
Phase 2 Local ID
mismatch
%s is the tunnel name. When negotiating Phase-2 and checking IPsec
SAs or the ID is IPv6 ID.
[ID] : Tunnel [%s]
Phase 2 Remote ID
mismatch
%s is the tunnel name. When negotiating Phase-2 and checking IPsec
SAs or the ID is IPv6 ID.
[ID] : Tunnel [%s]
Remote IP mismatch
%s is the tunnel name. When negotiating Phase-1, the peer tunnel IP
did not match the secure gateway address in VPN gateway.
[SA] : Malformed IPSec
SA proposal
When selecting a matched proposal, some protocol was given more
than once.
[SA] : No proposal
chosen
When selecting a matched proposal in phase-1 or phase-2, so
proposal was selected.
Table 241 Application Patrol Logs (continued)
LOG MESSAGE DESCRIPTION