ZyWALL 10~100 Series Internet Security Gateway
Log Descriptions
13-13
The following table shows sample log messages during IKE key exchange.
Chart 13-10 Sample IKE Key Exchange Logs
LOG MESSAGE
DESCRIPTION
Send <Symbol> Mode request to <IP>
Send <Symbol> Mode request to <IP>
The ZyWALL has started negotiation with the peer.
Recv <Symbol> Mode request from
<IP>
Recv <Symbol> Mode request from
<IP>
The ZyWALL has received an IKE negotiation request
from the peer.
Recv:<Symbol>
IKE uses the ISAKMP protocol (refer to RFC2408 –
ISAKMP) to transmit data. Each ISAKMP packet
contains payloads of different types that show in the
log - see Chart 13-12.
Phase 1 IKE SA process done
Phase 1 negotiation is finished.
Start Phase 2: Quick Mode
Phase 2 negotiation is beginning using Quick Mode.
!! IKE Negotiation is in process
The ZyWALL has begun negotiation with the peer for
the connection already, but the IKE key exchange has
not finished yet.
!! Duplicate requests with the same
cookie
The ZyWALL has received multiple requests from the
same peer but it is still processing the first IKE packet
from that peer.
!! No proposal chosen
The parameters configured for Phase 1 or Phase 2
negotiations don’t match. Please check all protocols
and settings for these phases. For example, one party
may be using 3DES encryption, but the other party is
using DES encryption, so the connection will fail.
!! Verifying Local ID failed
!! Verifying Remote ID failed
During IKE Phase 2 negotiation, both parties
exchange policy details, including local and remote IP
address ranges. If these ranges differ, then the
connection fails.
!! Local / remote IPs of incoming
request conflict with rule <#d>
If the security gateway is “0.0.0.0”, the ZyWALL will
use the peer’s “Local Addr” as its “Remote Addr”. If
this IP (range) conflicts with a previously configured
rule then the connection is not allowed.
!! Invalid IP <IP start>/<IP end>
The peer’s “Local IP Addr” range is invalid.
Summary of Contents for 10 Series
Page 8: ...ZyWALL 10 100 Series Internet Security Gateway viii Table of Contents Index A ...
Page 14: ......
Page 16: ......
Page 28: ......
Page 32: ......
Page 34: ...ZyWALL 10 100 Series Internet Security Gateway The Big Picture 3 2 ...
Page 46: ......
Page 56: ......
Page 58: ......
Page 92: ......
Page 93: ...Index III Part III Index This part provides an Index of key terms ...
Page 94: ......