D-Link NetDefend DFL-260E Скачать руководство пользователя страница 171 | Manualshive

Страница: 171 / 652

background image

2.3. ANTIVIRUS

These log messages refer to the ANTIVIRUS (Anti-Virus related events) category.

2.3.1. virus_found (ID: 05800001)

Default Severity

Log Message

Virus found in file <filename>. Virus Name: <virusname>. Signature:
<virussig>. Advisory ID: <advisoryid>.

Explanation

A virus has been detected in a data stream. Since anti-virus is
running in protect mode, the data transfer will be aborted in order
to protect the receiver.

Gateway Action

block_data

Recommended Action

If the infected file is local, run anti-virus program to clean the file.

Revision

2

Parameters

filename
virusname
virussig
advisoryid
[layer7_srcinfo]
[layer7_dstinfo]

Context Parameters

ALG Module Name
ALG Session ID
Connection

2.3.2. virus_found (ID: 05800002)

Default Severity

Log Message

Virus found in file <filename>. Virus Name: <virusname>. Signature:
<virussig>. Advisory ID: <advisoryid>.

Explanation

A virus has been detected in a data stream. Since anti-virus is
running in audit mode, the data transfer will be allowed to continue.

Gateway Action

allow_data

Recommended Action

If the infected file is local, run anti-virus program to clean the file.

Revision

2

Parameters

filename
virusname
virussig
advisoryid
[layer7_srcinfo]
[layer7_dstinfo]

Context Parameters

ALG Module Name

Chapter 2: Log Message Reference

171

«
...
169
170
171
172
173
...
»

Содержание NetDefend DFL-260E

Страница 1: ...Network Security Solution http www dlink com NetDefendOS Ver 11 04 01 Network Security Firewall Log Reference Guide Security Security...

Страница 2: ...nce Guide DFL 260E 860E 870 1660 2560 2560G NetDefendOS Version 11 04 01 D Link Corporation No 289 Sinhu 3rd Rd Neihu District Taipei City 114 Taiwan R O C http www DLink com Published 2016 10 03 Copy...

Страница 3: ...a particular purpose D Link reserves the right to revise this publication and to make changes from time to time in the content hereof without any obligation to notify any person or parties of such rev...

Страница 4: ...54 2 1 20 max_download_size_reached ID 00200116 54 2 1 21 blocked_filetype ID 00200117 55 2 1 22 out_of_memory ID 00200118 55 2 1 23 wcf_servers_unreachable ID 00200119 55 2 1 24 wcf_srv_connection_e...

Страница 5: ...0181 76 2 1 76 smtp_no_header ID 00200184 76 2 1 77 unsupported_extension ID 00200185 76 2 1 78 cmd_pipelined ID 00200186 77 2 1 79 smtp_state_violation ID 00200190 77 2 1 80 sender_email_dnsbl_spam_m...

Страница 6: ...2 1 140 encode_failed ID 00200307 101 2 1 141 max_tcp_data_connections_exceeded ID 00200308 102 2 1 142 max_connections_per_call_exceeded ID 00200309 102 2 1 143 ignoring_channel ID 00200310 102 2 1...

Страница 7: ...egotiation_attempted ID 00200457 124 2 1 201 tls_disallowed_key_exchange ID 00200458 124 2 1 202 tls_invalid_message ID 00200459 125 2 1 203 tls_bad_message_order ID 00200460 125 2 1 204 tls_no_shared...

Страница 8: ...led_to_modify_response ID 00200559 149 2 1 261 sipalg_callleg_state_updated ID 00200560 149 2 1 262 failed_to_modify_sat_request ID 00200561 150 2 1 263 max_pptp_sessions_reached ID 00200601 150 2 1 2...

Страница 9: ...6 compression_ratio_violation ID 05800006 173 2 3 7 compression_ratio_violation ID 05800007 173 2 3 8 compression_ratio_violation ID 05800008 174 2 3 9 out_of_memory ID 05800009 174 2 3 10 out_of_mem...

Страница 10: ...06500003 196 2 6 4 authagent_rekeying_error ID 06500004 197 2 6 5 authagent_protocol_mistmatch ID 06500005 197 2 6 6 authagent_negotiation_error ID 06500006 197 2 6 7 authagent_decryption_error ID 065...

Страница 11: ...id_netmask ID 00700009 219 2 12 9 invalid_broadcast ID 00700010 220 2 12 10 invalid_offered_ip ID 00700011 220 2 12 11 invalid_gateway ID 00700012 220 2 12 12 offered_broadcast_equals_gateway ID 00700...

Страница 12: ...38 2 14 17 request_for_non_bound_ip ID 00900018 239 2 14 18 client_bound ID 00900019 239 2 14 19 client_renewed ID 00900020 240 2 14 20 got_inform_request ID 00900021 240 2 14 21 decline_for_ip_on_wro...

Страница 13: ...2 19 7 disallowed_suspect ID 02000007 261 2 19 8 drop_frags_of_disallowed_packet ID 02000008 262 2 19 9 drop_frags_of_illegal_packet ID 02000009 262 2 19 10 drop_extraneous_frags_of_completed_packet I...

Страница 14: ...nnection_established ID 01200200 280 2 22 22 hasync_connection_disconnected_lifetime_expired ID 01200201 281 2 22 23 hasync_connection_failed_timeout ID 01200202 281 2 22 24 resync_conns_to_peer_compl...

Страница 15: ...4200001 307 2 28 2 querier_election_lost ID 04200002 307 2 28 3 invalid_dest_ip_address ID 04200003 307 2 28 4 invalid_destination_ethernet_address ID 04200004 308 2 28 5 failed_restarting_igmp_conn I...

Страница 16: ...31 10 packet_corrupt ID 01800110 329 2 31 11 icv_failure ID 01800111 329 2 31 12 sequence_number_failure ID 01800112 330 2 31 13 sa_lookup_failure ID 01800113 330 2 31 14 ip_fragment ID 01800114 330 2...

Страница 17: ...c_interface_disabled ID 01800506 348 2 31 70 no_route ID 01800507 348 2 31 71 no_userauth_specified_for_eap ID 01800600 348 2 31 72 no_radius_server_configured_for_eap ID 01800601 349 2 31 73 insuffic...

Страница 18: ...ecified ID 01802100 368 2 31 133 invalid_authentication_algorithm_configured ID 01802101 369 2 31 134 no_key_method_configured_for tunnel ID 01802102 369 2 31 135 invalid_configuration_of_force_open I...

Страница 19: ...31 190 could_not_lock_certificate ID 01802608 385 2 31 191 could_not_insert_cert_to_db ID 01802609 386 2 31 192 could_not_decode_crl ID 01802610 386 2 31 193 Certificate_contains_bad_IP_address ID 01...

Страница 20: ...3 nd_multicast_target_address ID 06400048 405 2 32 24 invalid_nd_sender_ip_address ID 06400049 405 2 32 25 nd_access_allowed_expect ID 06400050 406 2 32 26 nd_na_send_failure ID 06400051 406 2 32 27 n...

Страница 21: ...mp_pointer ID 01700018 429 2 35 14 bad_timestamp_pointer ID 01700019 429 2 35 15 timestamp_disallowed ID 01700020 430 2 35 16 router_alert_bad_len ID 01700021 430 2 35 17 router_alert_disallowed ID 01...

Страница 22: ...2 36 15 oversize_ah ID 07000052 450 2 36 16 oversize_skip ID 07000053 450 2 36 17 oversize_ospf ID 07000054 451 2 36 18 oversize_ipip ID 07000055 451 2 36 19 oversize_ipcomp ID 07000056 451 2 36 20 o...

Страница 23: ...471 2 39 8 max_states_reached ID 05600009 471 2 39 9 max_states_reached ID 05600010 471 2 39 10 registerip_failed ID 05600011 472 2 39 11 registerip_failed ID 05600012 472 2 39 12 dynamicip_failed ID...

Страница 24: ...max_allowed ID 02400304 492 2 40 53 as_disabled_due_to_mem_alloc_fail ID 02400305 492 2 40 54 internal_lsa_chksum_error ID 02400306 493 2 40 55 unable_to_find_iface_to_stub_net ID 02400400 493 2 40 56...

Страница 25: ...5 session_idle_timeout ID 02700015 512 2 43 16 pptpclient_start ID 02700017 512 2 43 17 pptpclient_connected ID 02700018 513 2 43 18 pptp_tunnel_up ID 02700019 513 2 43 19 ctrlconn_refused ID 02700020...

Страница 26: ...block127net ID 06000012 534 2 48 8 block127net ID 06000013 534 2 48 9 broadcast_nat ID 06000014 534 2 48 10 allow_broadcast ID 06000016 535 2 48 11 block0net ID 06000020 535 2 48 12 block0net ID 0600...

Страница 27: ...2 53 2 invalid_snmp_community ID 03100002 557 2 53 3 snmp3_received_unautherized_message ID 03100100 557 2 53 4 snmp3_local_password_too_short ID 03100101 558 2 53 5 snmp3_authentication_failed ID 031...

Страница 28: ...s_lost_due_to_throttling ID 03200400 577 2 56 16 log_messages_lost_due_to_log_buffer_exhaust ID 03200401 577 2 56 17 ssl_encryption_failed ID 03200450 578 2 56 18 bidir_fail ID 03200600 578 2 56 19 fi...

Страница 29: ...601 2 58 5 tcp_mss_above_log_level ID 03400005 601 2 58 6 tcp_option ID 03400006 602 2 58 7 tcp_option_strip ID 03400007 602 2 58 8 bad_tcpopt_length ID 03400010 602 2 58 9 bad_tcpopt_length ID 034000...

Страница 30: ...2 15 user_timeout ID 03700020 624 2 62 16 group_list_too_long ID 03700030 624 2 62 17 accounting_alive ID 03700050 625 2 62 18 accounting_interim_failure ID 03700051 625 2 62 19 no_accounting_interim_...

Страница 31: ...8002 642 2 63 10 secaas_lic_installation_failed ID 05208003 643 2 64 ZONEDEFENSE 644 2 64 1 unable_to_allocate_send_entries ID 03800001 644 2 64 2 unable_to_allocate_exclude_entry ID 03800002 644 2 64...

Страница 32: ...List of Tables 1 Abbreviations 35 32...

Страница 33: ...List of Examples 1 Log Message Parameters 34 2 Conditional Log Message Parameters 34 33...

Страница 34: ...a log message parameter Square Brackets name Used for specifying the name of a conditional log message parameter Example 1 Log Message Parameters Log Message New configuration activated by user userna...

Страница 35: ...on System IP Internet Protocol IPSec Internet Protocol Security L2TP Layer 2 Tunneling Protocol NAT Network Address Translation OSPF Open Shortest Path First PPP Point to Point Protocol PPPoE Point to...

Страница 36: ...h specific log message Name The name of the log message which is a short string 1 6 words separated by _ Please note that the name cannot be used as a unique identification of the log message as sever...

Страница 37: ...3 words separated by _ of what action NetDefendOS will take If the log message is purely informative this is set to None Recommended Action A detailed recommendation of what the administrator should...

Страница 38: ...odule in order to quickly distinguish which type of ALG this is algmod The name of the ALG sub module ALG Session ID Each ALG session has its own session ID which uniquely identifies an ALG session Th...

Страница 39: ...he ICMP redirect code Valid if the protocol is ICMP and sub protocol is redirect icmpcode The ICMP sub protocol code Valid if the protocol is ICMP and sub protocol is not echo destination unreachable...

Страница 40: ...nformation Additional information about the rule that was used when this event was triggered Certain parameters may or may not be included depending on the type of rule For example the name of an auth...

Страница 41: ...nge lsa spf route and unknown loglevel The log level value OSPF LSA Additional information about OSPF LSA lsatype The LSA type Possible values Router network IP summary ASBR summary and AS external ls...

Страница 42: ...routemetric Route metric cost Chapter 1 Introduction 42...

Страница 43: ...lity of the unit 4 Warning Warning conditions which could affect the functionality of the unit 5 Notice Normal but significant conditions 6 Informational Informational conditions 7 Debug Debug level e...

Страница 44: ...Chapter 1 Introduction 44...

Страница 45: ...189 AUTHAGENTS page 196 AVSE page 202 AVUPDATE page 203 BLACKLIST page 206 BUFFERS page 208 CONN page 209 DHCP page 217 DHCPRELAY page 223 DHCPSERVER page 234 DHCPV6CLIENT page 244 DHCPV6SERVER page 2...

Страница 46: ...e 423 IP_OPT page 425 IP_PROTO page 445 L2TP page 457 LACP page 466 NATPOOL page 469 OSPF page 474 PPP page 498 PPPOE page 506 PPTP page 507 RADIUSRELAY page 517 REALTIMEMONITOR page 521 REASSEMBLY pa...

Страница 47: ...from Application Layer Gateways category 2 1 1 alg_session_open ID 00200001 Default Severity INFORMATIONAL Log Message ALG session opened Explanation A new ALG session has been opened Gateway Action...

Страница 48: ..._failure ID 00200009 Default Severity CRITICAL Log Message Failed to allocate ALG session Explanation The system failed to allocate an ALG session The reason for this is either that the total number o...

Страница 49: ...invalid UTF8 formatted characters Gateway Action close Recommended Action Make sure that the requested URL is formatted correctly Revision 1 Parameters reason algname Context Parameters ALG Module Na...

Страница 50: ...st header Closing connection ALG name algname Explanation Data was received after the client request header although the header specified that no such data should be sent Gateway Action closing_connec...

Страница 51: ...losing_connecion Recommended Action Research the source of this and try to find out why the server is sending invalid formatted chunked data Revision 1 Parameters algname Context Parameters ALG Module...

Страница 52: ...Module Name ALG Session ID 2 1 14 max_http_sessions_reached ID 00200110 Default Severity WARNING Log Message HTTPALG Maximum number of HTTP sessions max_sessions for service reached Closing connection...

Страница 53: ...Recommended Action Verify that there is a listening HTTP Server on the specified address Revision 1 Parameters algname Context Parameters ALG Module Name ALG Session ID 2 1 17 content_type_mismatch I...

Страница 54: ...Extend valid time for Content Filtering Revision 3 Context Parameters ALG Module Name 2 1 20 max_download_size_reached ID 00200116 Default Severity WARNING Log Message HTTPALG The file filename with f...

Страница 55: ...ICAL Log Message HTTPALG Failed to allocate memory Explanation The unit does not have enough available RAM WCF could not allocate memory for override functionality Gateway Action none Recommended Acti...

Страница 56: ...2 1 25 wcf_server_unreachable ID 00200121 Default Severity ERROR Log Message HTTPALG Failed to connect to web content server failedserver Explanation Web Content Filtering was unable to connect to the...

Страница 57: ...0200124 Default Severity INFORMATIONAL Log Message HTTPALG Falling back from secondary servers to primary server Explanation Web Content Filtering falls back to primary server after 60 minutes or when...

Страница 58: ...uested Gateway Action block Recommended Action None Revision 2 Parameters categories audit override url algname Context Parameters Connection Connection ALG Module Name ALG Session ID 2 1 31 wcf_serve...

Страница 59: ...2 1 33 request_url ID 00200129 Default Severity NOTICE Log Message HTTPALG Requesting URL url Categories categories Audit audit Override override ALG name algname Explanation The URL has been request...

Страница 60: ..._orig url_req url_reply Context Parameters ALG Module Name 2 1 36 restricted_site_notice ID 00200132 Default Severity WARNING Log Message HTTPALG User requests the forbidden URL url even though Restri...

Страница 61: ...ession ID 2 1 38 wcf_server_disconnected ID 00200134 Default Severity INFORMATIONAL Log Message HTTPALG Web content server server disconnected Explanation The Web Content server has closed the connect...

Страница 62: ...L has been requested Gateway Action allow_audit_mode Recommended Action None Revision 3 Parameters categories audit override url user algname Context Parameters Connection Connection ALG Module Name A...

Страница 63: ...allow Recommended Action Disable the RESTRICTED_SITE_NOTICE mode of parameter CATEGORIES for this ALG Revision 4 Parameters url user algname Context Parameters Connection Connection ALG Module Name AL...

Страница 64: ...vision 1 Context Parameters ALG Module Name 2 1 45 out_of_memory ID 00200141 Default Severity CRITICAL Log Message HTTPALG Failed to allocate memory Explanation The system failed to allocate memory an...

Страница 65: ...ection attempt is in progress Gateway Action reconnecting Recommended Action None Revision 1 Context Parameters ALG Module Name 2 1 48 invalid_http_syntax ID 00200144 Default Severity ERROR Log Messag...

Страница 66: ...ua Explanation The HTTPALG blocked access for a browser with a disallowed user agent string Gateway Action close Recommended Action If this user agent string should be allowed add it to the list of al...

Страница 67: ...t upgrade e g websocket The connection is no longer allowed Gateway Action close Recommended Action Modify the configuration is socket upgrades should be allowed Revision 1 Parameters type algname Con...

Страница 68: ...ssions Context Parameters ALG Module Name 2 1 55 maximum_email_per_minute_reached ID 00200151 Default Severity WARNING Log Message SMTPALG Maximum number of emails per client and minute reached Explan...

Страница 69: ...ction None Revision 3 Context Parameters ALG Module Name ALG Session ID 2 1 58 invalid_server_response ID 00200155 Default Severity ERROR Log Message SMTPALG Could not parse server response code Expla...

Страница 70: ...be denied Gateway Action reject Recommended Action Disable the Verify E Mail Sender ID setting if you experience that valid e mails are being wrongly blocked Revision 3 Parameters sender_email_address...

Страница 71: ...recipients email id are in Black List Explanation Since some RCPT TO Email ids are in Black List SMTP ALG has blocked mail to those recipients Gateway Action reject Recommended Action Emails can be fo...

Страница 72: ...ion allow_block Recommended Action Research how the sender is encoding the data Revision 2 Parameters filename filetype sender_email_address recipient_email_addresses Context Parameters ALG Module Nam...

Страница 73: ...ype sender_email_address recipient_email_addresses Context Parameters ALG Module Name ALG Session ID 2 1 68 max_email_size_reached ID 00200170 Default Severity WARNING Log Message SMTPALG Maximum emai...

Страница 74: ...l_ids_are_in_blocklist ID 00200172 Default Severity WARNING Log Message SMTPALG All recipients e mail addresses are in Black List Explanation Since RCPT TO email ids are in Black List SMTP ALG rejecte...

Страница 75: ...e Name ALG Session ID 2 1 73 dnsbl_init_error ID 00200177 Default Severity ERROR Log Message DNSbl internal error Explanation The email could not be checked for spam Email will be processed without sp...

Страница 76: ...everity WARNING Log Message SMTPALG Email without SMTP headers received Explanation The SMTP ALG received an email without headers Gateway Action allow Recommended Action None Revision 1 Context Param...

Страница 77: ...G Session ID 2 1 79 smtp_state_violation ID 00200190 Default Severity WARNING Log Message SMTPALG State violation violation Explanation The client sent an invalid sequence of commands The protocol vio...

Страница 78: ...s sent in an invalid direction and the connection will be closed Gateway Action close Recommended Action None Revision 1 Parameters peer Context Parameters ALG Module Name ALG Session ID Rule Informat...

Страница 79: ...in the control channel This is not allowed according to the FTPALG configuration and the connection will be closed Gateway Action close Recommended Action If 8 bit characters should be allowed modify...

Страница 80: ...tion close Recommended Action If unknown commands should be allowed modify the FTPALG configuration Revision 1 Parameters peer string Context Parameters ALG Module Name ALG Session ID Connection 2 1 8...

Страница 81: ...hould be allowed to do active FTP modify the FTPALG configuration Revision 1 Parameters peer Context Parameters ALG Module Name ALG Session ID Connection 2 1 89 illegal_command ID 00200215 Default Sev...

Страница 82: ...ty CRITICAL Log Message FTPALG Illegal PORT command from peer port port not allowed String string Rejecting command Explanation An illegal PORT command was received from the client It requests that th...

Страница 83: ...t is not allowed to do this The command will be rejected Gateway Action rejecting_command Recommended Action If the client should be allowed to do issue SITE EXEC commands modify the FTPALG configurat...

Страница 84: ...on ID Connection 2 1 96 illegal_option ID 00200222 Default Severity WARNING Log Message FTPALG Invalid OPTS argument from peer String string Rejecting command Explanation An invalid OPTS argument was...

Страница 85: ...n An unknown OPTS argument was received and the command will be rejected Gateway Action rejecting_command Recommended Action If unknown commands should be allowed modify the FTPALG configuration Revis...

Страница 86: ...ould be allowed modify the FTPALG configuration Revision 1 Parameters peer string Context Parameters ALG Module Name ALG Session ID Connection 2 1 101 illegal_reply ID 00200228 Default Severity WARNIN...

Страница 87: ...tion 2 1 103 illegal_reply ID 00200231 Default Severity WARNING Log Message FTPALG Unsolicted 227 passive mode response from peer String string Closing connection Explanation An illegal response was r...

Страница 88: ...is out of range This is not allowed and the connection will be closed Gateway Action close Recommended Action The FTP server could be compromised and should not be trusted Revision 1 Parameters peer...

Страница 89: ...ly be a result of lack of memory Gateway Action None Recommended Action None Revision 1 Parameters peer connection string Context Parameters ALG Module Name ALG Session ID Connection 2 1 108 failed_to...

Страница 90: ...ernal Error failed to register eventhandler Closing connection Explanation An internal error occured when registering an eventhandler and the connection will be closed Gateway Action close Recommended...

Страница 91: ...G Module Name 2 1 113 failed_create_new_session ID 00200242 Default Severity ERROR Log Message FTPALG Failed to create new FTPALG session out of memory Explanation An attempt to create a new FTPALG se...

Страница 92: ...evision 1 Parameters filename filetype Context Parameters ALG Module Name ALG Session ID 2 1 116 failed_to_send_command ID 00200251 Default Severity NOTICE Log Message FTPALG Failed to send the comman...

Страница 93: ...iguration Gateway Action data_blocked_control_and_data_channel_closed Recommended Action If this file should be allowed update the ALLOW BLOCK list Revision 2 Parameters filename filetype Context Para...

Страница 94: ...owed rejecting command Explanation The client tried to issue a REST command which is not valid since the client is not allowed to do this The command will be rejected Gateway Action rejecting_command...

Страница 95: ...Context Parameters ALG Module Name ALG Session ID Connection 2 1 124 clienthello_server_name ID 00200272 Default Severity INFORMATIONAL Log Message HTTPALG HTTPS c Found server DNS name hostname in Cl...

Страница 96: ...Explanation Failed to parse ClientHello datagram Gateway Action None Recommended Action None Revision 1 Parameters algname Context Parameters ALG Module Name ALG Session ID Connection 2 1 127 invalid...

Страница 97: ...rtificate_server_name ID 00200277 Default Severity INFORMATIONAL Log Message HTTPALG HTTPS s Found server DNS name hostname in Certificate datagram Explanation Found server DNS name in Certificate dat...

Страница 98: ...meters algname Context Parameters ALG Module Name ALG Session ID Connection 2 1 132 blacklisted_url_blocked ID 00200280 Default Severity NOTICE Log Message HTTPALG HTTPS c Blacklisted URL hostname blo...

Страница 99: ...invalid message was received from peer Explanation An invalid message was received from the peer The ALG session will be closed Gateway Action closing_session Recommended Action None Revision 2 Param...

Страница 100: ...vision 1 Parameters peer message_type Context Parameters ALG Module Name ALG Session ID Connection 2 1 137 encode_failed ID 00200304 Default Severity WARNING Log Message H323ALG Failed before encoding...

Страница 101: ...Failed before encoding H 245 message Closing connection Explanation The H 245 encoder failed to allocate memory used for encoding of the message The ALG session will be closed Gateway Action close Rec...

Страница 102: ...ters max_channels Context Parameters ALG Module Name ALG Session ID Connection 2 1 142 max_connections_per_call_exceeded ID 00200309 Default Severity WARNING Log Message H323ALG No more connections al...

Страница 103: ...ation Mode Response message is not translated Gateway Action None Recommended Action None Revision 2 Parameters peer Context Parameters ALG Module Name ALG Session ID Connection 2 1 145 max_h323_sessi...

Страница 104: ...umber of H 323 gatekeeper sessions for service reached Explanation The maximum number of concurrent H 323 gatekeeper sessions has been reached for this service Connection will be closed Gateway Action...

Страница 105: ...pecified address Revision 1 Context Parameters ALG Module Name ALG Session ID 2 1 150 com_mode_command_message_not_translated ID 00200317 Default Severity WARNING Log Message H323ALG CommunicationMode...

Страница 106: ...g connection Gateway Action reject Recommended Action If all characters in filenames should be allowed modify the TFTP Alg configuration Revision 1 Parameters filename Context Parameters ALG Module Na...

Страница 107: ...option contained no readable value Explanation Option contained no readable value Closing connection Gateway Action reject Recommended Action None Revision 1 Parameters option Context Parameters ALG...

Страница 108: ...1 Parameters option Context Parameters ALG Module Name ALG Session ID Connection 2 1 158 option_tsize_invalid ID 00200358 Default Severity WARNING Log Message TFTPALG Option tsize value value exceedin...

Страница 109: ...Log Message TFTPALG The received option option was not sent Explanation The received option was not sent Closing connection Gateway Action close Recommended Action None Revision 1 Parameters option C...

Страница 110: ...essage TFTPALG Option blksize value old_blksize exceeding allowed value Rewriting to new_blksize Explanation Option blksize value exceeding allowed value Rewriting value Gateway Action rewrite Recomme...

Страница 111: ...ession failed because the unit is out of memory Gateway Action close Recommended Action Decrease the maximum allowed TFTPALG sessions or try to free some of the RAM used Revision 1 Context Parameters...

Страница 112: ...RNING Log Message TFTPALG Received invalid packet Opcode opcode Packet length packet_length Explanation Received invalid packet Closing listening connection and opening new instead Gateway Action clos...

Страница 113: ...nfiguration Revision 1 Parameters received maxvalue Context Parameters ALG Module Name ALG Session ID Connection 2 1 171 options_removed ID 00200371 Default Severity WARNING Log Message TFTPALG Option...

Страница 114: ...that the ALG session could not be successfully opened Gateway Action close Recommended Action None Revision 1 Parameters error_code Context Parameters ALG Module Name 2 1 174 invalid_error_message_rec...

Страница 115: ...3ALG session out of memory Explanation An attempt to create a new POP3ALG session failed because the unit is out of memory Gateway Action close Recommended Action Decrease the maximum allowed POP3ALG...

Страница 116: ...type filetype which is in block list Explanation The file is present in the block list It will be blocked as per configuration Gateway Action block Recommended Action If this file should be allowed u...

Страница 117: ...filetype sender_email_address Context Parameters ALG Module Name ALG Session ID 2 1 182 possible_invalid_mail_end ID 00200387 Default Severity WARNING Log Message POP3ALG Possible invalid end of mail...

Страница 118: ...length The response will be blocked Gateway Action block Recommended Action None Revision 1 Parameters command len Context Parameters ALG Module Name ALG Session ID 2 1 185 content_type_mismatch ID 0...

Страница 119: ...pe sender_email_address Context Parameters ALG Module Name 2 1 187 command_blocked_invalid_argument ID 00200392 Default Severity WARNING Log Message POP3ALG Command blocked Invalid argument argument g...

Страница 120: ...k Recommended Action If the command are to be allowed change the Alg configuration Revision 1 Parameters command Context Parameters ALG Module Name ALG Session ID 2 1 190 unexpected_mail_end ID 002003...

Страница 121: ...d The last part was therefore blocked by the firewall Gateway Action block Recommended Action None Revision 1 Parameters len retrigs Context Parameters ALG Module Name ALG Session ID 2 1 193 max_tls_s...

Страница 122: ...rity ERROR Log Message TLSALG Failed to connect to the HTTP Server Closing connection ALG name algname Explanation The unit failed to connect to the HTTP Server resulting in that the ALG session could...

Страница 123: ...ion tls_alert_sent Recommended Action None Revision 1 Parameters algname Context Parameters ALG Module Name ALG Session ID 2 1 198 tls_alert_sent ID 00200455 Default Severity ERROR Log Message TLSALG...

Страница 124: ...gotiation is however not supported so the TLS ALG session will be closed Gateway Action close Recommended Action None Revision 1 Parameters algname Context Parameters ALG Module Name ALG Session ID 2...

Страница 125: ...ext Parameters ALG Module Name ALG Session ID 2 1 203 tls_bad_message_order ID 00200460 Default Severity ERROR Log Message TLSALG Bad TLS handshake message order Explanation A TLS handshake message of...

Страница 126: ...connection of a TLS ALG session The TLS ALG session will be closed Gateway Action close Recommended Action None Revision 1 Parameters algname Context Parameters ALG Module Name ALG Session ID 2 1 206...

Страница 127: ...ge SIPALG SDP message parsing failed Explanation SDP part of message failed parsing due to malformed message Reason reason Gateway Action drop Recommended Action Examine why client or server is sendin...

Страница 128: ...reason Gateway Action drop Recommended Action Examine why client or server is sending a malformed SIP message Revision 2 Parameters reason from_uri to_uri srcip srcport destip destport Context Parame...

Страница 129: ...e maximum number of SIPALG sessions per SIP URI is too low increase it Revision 2 Parameters max_ses_per_id from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 213 reg...

Страница 130: ...thod from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 215 sip_request_response_timeout ID 00200508 Default Severity WARNING Log Message SIPALG SIP request response...

Страница 131: ...arameters cfg_registration_time from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 217 unsuccessful_registration ID 00200510 Default Severity WARNING Log Message SIPA...

Страница 132: ...Severity WARNING Log Message SIPALG Registration entry not found Explanation The specified user could not be found in the register table Reason reason Gateway Action drop Recommended Action None Revi...

Страница 133: ...method request could not be created Gateway Action drop Recommended Action None Revision 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 222 fa...

Страница 134: ...uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 224 sipalg_session_state_updated ID 00200517 Default Severity DEBUG Log Message SIPALG SIP ALG session state updated Exp...

Страница 135: ...Default Severity ERROR Log Message SIPALG Failed to create transaction Explanation The SIP ALG failed to create transaction for method request Gateway Action drop Recommended Action None Revision 2 P...

Страница 136: ...d Gateway Action close Recommended Action None Revision 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name ALG Session ID 2 1 229 sipalg_transaction_s...

Страница 137: ...n from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 231 failed_to_get_free_port ID 00200527 Default Severity CRITICAL Log Message SIPALG Failed to get free NAT port...

Страница 138: ...G Module Name 2 1 233 failed_to_update_port ID 00200529 Default Severity ERROR Log Message SIPALG Failed to update port information Explanation Failed to update port into session for method request Ga...

Страница 139: ...y SDP message Explanation Failed to modify SDP part of message Reason reason Gateway Action drop Recommended Action None Revision 2 Parameters reason from_uri to_uri srcip srcport destip destport Cont...

Страница 140: ...None Revision 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 238 failed_to_modify_request_uri ID 00200534 Default Severity ERROR Log Message...

Страница 141: ...destip destport Context Parameters ALG Module Name 2 1 240 method_not_supported ID 00200536 Default Severity WARNING Log Message SIPALG Method not supported Explanation The method method is not suppo...

Страница 142: ...SIP ALG has detected a SIP SDP message involving third party IP address Reason reason The request will be dropped Gateway Action drop Recommended Action None Revision 2 Parameters reason from_uri to_u...

Страница 143: ...e 2 1 245 user_registered ID 00200541 Default Severity NOTICE Log Message SIPALG Successful Registration Explanation User user_name registered Gateway Action None Recommended Action None Revision 2 Pa...

Страница 144: ...modify_contact ID 00200547 Default Severity ERROR Log Message SIPALG Failed to modify contact tag in message Explanation Failed to modify the contact tag in SIP message Reason reason Gateway Action dr...

Страница 145: ...estport Context Parameters ALG Module Name 2 1 251 max_session_per_service_reached ID 00200550 Default Severity WARNING Log Message SIPALG Maximum number of transaction per session has been reached Ex...

Страница 146: ...on 2 Parameters max_tsxn_per_session from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 253 invalid_transaction_state ID 00200552 Default Severity ERROR Log Message S...

Страница 147: ...200554 Default Severity NOTICE Log Message SIPALG CallLeg created Explanation SIP ALG callleg created for method request Gateway Action allow Recommended Action None Revision 2 Parameters method from_...

Страница 148: ...t Gateway Action drop Recommended Action None Revision 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 258 failed_to_update_callleg ID 00200557...

Страница 149: ...srcport destip destport Context Parameters ALG Module Name ALG Session ID 2 1 260 failed_to_modify_response ID 00200559 Default Severity ERROR Log Message SIPALG Failed to modify the response Explana...

Страница 150: ...ROR Log Message SIPALG Failed to modify the SAT request Explanation Failed to modify requst ip to SAT destination IP in the method request Gateway Action drop Recommended Action None Revision 1 Parame...

Страница 151: ...out of memory Gateway Action close Recommended Action Decrease the maximum allowed PPTPALG sessions or try to free some of the RAM used Revision 1 Context Parameters ALG Module Name 2 1 265 failed_co...

Страница 152: ...nnel has been removed between the PPTP client and the PPTP ALG Gateway Action None Recommended Action None Revision 1 Context Parameters ALG Session ID ALG Module Name 2 1 268 pptp_tunnel_removed_serv...

Страница 153: ...Action None Revision 1 Context Parameters ALG Session ID ALG Module Name 2 1 271 pptp_malformed_packet ID 00200609 Default Severity WARNING Log Message Malformed packet received from remotegw on iface...

Страница 154: ...ose Recommended Action If the maximum number of IMAP sessions is too low increase it Revision 1 Parameters max_sessions Context Parameters ALG Module Name 2 1 274 failed_create_new_session ID 00200651...

Страница 155: ...Explanation An attempt to allocate memory failed Gateway Action close Recommended Action Try to free up unwanted memory Revision 1 Context Parameters ALG Module Name ALG Session ID 2 1 277 blocked_fil...

Страница 156: ...on ID 2 1 279 command_blocked ID 00200659 Default Severity WARNING Log Message IMAPALG Command command blocked Explanation The client is sending command that are not allowed The command will be blocke...

Страница 157: ...wed change the Alg configuration Revision 1 Parameters command Context Parameters ALG Module Name ALG Session ID 2 1 282 response_blocked_unknown ID 00200662 Default Severity WARNING Log Message IMAP_...

Страница 158: ...eters ALG Module Name 2 1 284 plain_auth_blocked ID 00200664 Default Severity WARNING Log Message IMAPALG Plain text authentication attempt blocked Explanation The client is sending plain text authent...

Страница 159: ...p from to profile tests link_categories Context Parameters Connection ALG Module Name ALG Session ID 2 2 2 spam_found ID 05900002 Default Severity INFORMATIONAL Log Message Email was classified as spa...

Страница 160: ...ID 05900010 Default Severity ERROR Log Message Failed to allocate memory required for anti spam Explanation A memory allocation failure occurred The system will be unable to perform anti spam scannin...

Страница 161: ...a DNS query could not be sent Gateway Action None Recommended Action Verify that DNS is configured correctly Revision 1 Parameters sourceip from to profile Context Parameters Connection ALG Module Nam...

Страница 162: ...okups Revision 1 Parameters sourceip from to profile Context Parameters Connection ALG Module Name ALG Session ID 2 2 9 link_protection_wcf_error ID 05900032 Default Severity ERROR Log Message Link Pr...

Страница 163: ...Name ALG Session ID 2 2 11 dnsbl_allocation_failure ID 05900040 Default Severity ERROR Log Message Failed to allocate memory for DNSBL lookup DNSBL dnsbl Explanation A memory allocation failure occur...

Страница 164: ...nt DNSBL dnsbl Explanation DNSBL check failed because a DNS query could not be sent Gateway Action None Recommended Action Verify that DNS is configured correctly Revision 1 Parameters sourceip from t...

Страница 165: ...ed Action Verify that the DCC servers are reachable Revision 1 Parameters sourceip from to profile Context Parameters Connection ALG Module Name ALG Session ID 2 2 16 dcc_query_error ID 05900052 Defau...

Страница 166: ...Session ID 2 2 18 recipient_email_changed_to_drop_address ID 05900196 Default Severity NOTICE Log Message SMTPALG Recipient e mail address is changed to DNSBL Drop address Explanation RCPT TO e mail...

Страница 167: ...ion 1 Parameters type algname ipaddr 2 2 21 dnsbl_ipcache_remove ID 05900811 Default Severity NOTICE Log Message IP ipaddr removed from IP Cache for algname due to timeout Explanation An IP address wa...

Страница 168: ...tings Revision 1 Parameters type algname ipaddr 2 2 24 dnsbl_ipcache_add ID 05900814 Default Severity NOTICE Log Message Session for IP ipaddr for algname is done with result result Explanation An IP...

Страница 169: ...Gateway Action none Recommended Action None Revision 1 Parameters type algname 2 2 27 dnsbl_query_add ID 05900817 Default Severity NOTICE Log Message Query created for IP ipaddr to BlackList blacklis...

Страница 170: ...h IP ipaddr for algname Explanation TXT records will not fit the string buffer and will be truncated Gateway Action none Recommended Action None Revision 1 Parameters type algname ipaddr 2 2 30 dnsbl_...

Страница 171: ...Revision 2 Parameters filename virusname virussig advisoryid layer7_srcinfo layer7_dstinfo Context Parameters ALG Module Name ALG Session ID Connection 2 3 2 virus_found ID 05800002 Default Severity W...

Страница 172: ...3 4 decompression_failed ID 05800004 Default Severity ERROR Log Message Decompression error for file filename Explanation The file could not be scanned by the anti virus module since the decompressio...

Страница 173: ...ion ID 05800006 Default Severity WARNING Log Message Compression ratio violation for file filename Compression ratio threshold comp_ratio Explanation Anti virus has scanned a compressed file with a co...

Страница 174: ...e filename Compression ratio threshold comp_ratio Explanation Anti virus has scanned a compressed file with a compression ratio higher than the specified value Action is set to continue scan Gateway A...

Страница 175: ...ion block_data Recommended Action Try to free some memory by changing configuration parameters Revision 1 Parameters filename filetype layer7_srcinfo layer7_dstinfo Context Parameters ALG Module Name...

Страница 176: ...license ID 05800015 Default Severity CRITICAL Log Message AVSE Virus scanning aborted No valid license present Explanation Anti virus scanning is aborted since there is no valid license present Gatewa...

Страница 177: ...order to solve this issue Revision 2 Context Parameters ALG Session ID 2 3 16 out_of_memory ID 05800018 Default Severity CRITICAL Log Message AVSE Virus scanning aborted Out of memory during initiali...

Страница 178: ...on None Revision 1 Parameters url advisoryid layer7_srcinfo layer7_dstinfo Context Parameters ALG Module Name ALG Session ID Connection 2 3 19 decompression_failed_encrypted_file ID 05800024 Default S...

Страница 179: ...e Gateway Action allow_data Recommended Action Change Fail Mode parameter to deny if files that fail decompression should be blocked Revision 1 Parameters filename layer7_srcinfo layer7_dstinfo Contex...

Страница 180: ...eters ALG Module Name ALG Session ID Connection 2 3 23 max_archive_depth_exceeded ID 05800029 Default Severity WARNING Log Message The file filename has too many archive levels Maximum allowed is max_...

Страница 181: ...planation Antivirus module cannot scan the attachment since the transfer encoding is missing or unknown Fail Mode is allow so data is allowed without scanning Gateway Action allow_data_without_scan Re...

Страница 182: ...ommended Action Research the Content Transfer Encoding format Revision 1 Parameters filename unknown_content_transfer_encoding sender_email_address Context Parameters ALG Module Name ALG Session ID 2...

Страница 183: ...ent since the transfer encoding is missing or unknown Fail Mode is allow so data is allowed without scanning Gateway Action allow_data_without_scan Recommended Action Research the Content Transfer Enc...

Страница 184: ...le applicationruleset Context Parameters Connection Rule Information 2 4 2 application_identified ID 07200002 Default Severity INFORMATIONAL Log Message Application identified Application application...

Страница 185: ..._control_disabled ID 07200005 Default Severity CRITICAL Log Message Application Control disabled Explanation Application Control has been disabled due fatal subsystem failure Traffic will be treated a...

Страница 186: ...control subsystem cleaned up memory usage in order to free memory The AppCtl_FreeMemOptLevel setting can be used to tweak the limit when memory cleanup should be triggered Gateway Action none Recommen...

Страница 187: ...pplication application Attribute attribute Value value Explanation The configured Application Content Control policy does not allow the identified attribute or its value The connection is closed Gatew...

Страница 188: ...Explanation There is a maximum of 50 000 Application Content Control attributes to store until connections have been fully classified This limit has been reached Application Content Control is disabl...

Страница 189: ...2 no_sender_ip ID 00300002 Default Severity NOTICE Log Message ARP query sender IP is 0 0 0 0 Explanation The source IP address of an ARP query is 0 0 0 0 Allowing Gateway Action allow Recommended Act...

Страница 190: ...ation The ARP response has a sender address which is a multicast address This might be the case if there are load balancing network equipment in the network Allowing Gateway Action allow Recommended A...

Страница 191: ...NOTICE Log Message knownip has a different address newhw compared to the known hardware address knownhw Allow packet for further processing Explanation A known dynamic ARP entry has a different hardwa...

Страница 192: ...edARPReplies Revision 1 Context Parameters Rule Name Packet Buffer 2 5 11 arp_resolution_success ID 00300020 Default Severity NOTICE Log Message ARP entry was added to the ARP cache Explanation ARP en...

Страница 193: ...dify the configuration Revision 1 Context Parameters Rule Name Packet Buffer 2 5 14 arp_access_allowed_expect ID 00300050 Default Severity NOTICE Log Message Allowed by expect rule in access section E...

Страница 194: ...cast_drop ID 00300053 Default Severity NOTICE Log Message ARP response is a multicast address Dropping Explanation The ARP response has a sender address which is a multicast address This might be the...

Страница 195: ...CE Log Message knownip has a different address newhw compared to the known hardware address knownhw Dropping packet Explanation A known dynamic ARP entry has a different hardware address than the one...

Страница 196: ...6 2 authagent_disconnected ID 06500002 Default Severity INFORMATIONAL Log Message Disconnected from Authentication Agent at name ip4addr port Explanation A Authentication Agent connection was disconn...

Страница 197: ...ty INFORMATIONAL Log Message SGW protocol sgwproto and Agent name ip4addr protocol agentproto do not match Explanation Protocol mistmatch Gateway Action protocol_mistmatch Recommended Action Update SG...

Страница 198: ...erity INFORMATIONAL Log Message Challenge error with Agent name ip4addr Explanation Challenge error Gateway Action challenge_error Recommended Action Check PSK Revision 1 Parameters name ip4addr 2 6 9...

Страница 199: ...MATIONAL Log Message Error fetching initial data Explanation Initial data error Gateway Action initial_error Recommended Action None Revision 1 2 6 12 authagent_removeuser_error ID 06500012 Default Se...

Страница 200: ...access according to the group membership or user name information Gateway Action None Recommended Action None Revision 2 Parameters idle_timeout session_timeout groups Context Parameters User Authenti...

Страница 201: ...y Action adduser_error Recommended Action None Revision 1 Parameters username iface ip 2 6 17 authagent_removeuser_error ID 06500042 Default Severity INFORMATIONAL Log Message Error removing user ifac...

Страница 202: ...0001 Default Severity ALERT Log Message Could not start Anti virus engine because of reason Explanation The unit tried to read the anti virus database but failed The reason for this is specified in th...

Страница 203: ...eason 2 8 2 av_database_downloaded ID 05000002 Default Severity NOTICE Log Message New anti virus database downloaded Explanation An updated version of the anti virus database has been downloaded whic...

Страница 204: ...to date The system clock must be set correctly in order to use the antivirus features Antivirus features remains disabled until clock is correct and a manual antivirus update has been performed Gatewa...

Страница 205: ...Action downloading_new_database Recommended Action None Revision 1 2 8 8 downloading_new_database ID 05000009 Default Severity NOTICE Log Message Downloading new antivirus database ss2db Explanation A...

Страница 206: ...entry ID 04600002 Default Severity WARNING Log Message Unable to allocate static entry for host Explanation Unable to allocate static entry Unit is low on memory Gateway Action no_block Recommended Ac...

Страница 207: ...None Revision 3 Parameters proto ip port 2 9 5 host_blacklisted ID 04600006 Default Severity NOTICE Log Message Blacklist entry added Protocol proto IP ip Port port Explanation A blacklist entry was...

Страница 208: ...Action If this is a reoccurring event try increasing the number of HighBuffers Revision 1 Parameters duration buf_usage 2 10 2 buffers_profile ID 00500002 Default Severity DEBUG Log Message Buffer re...

Страница 209: ...Severity INFORMATIONAL Log Message Connection closed Explanation A connection has been closed Gateway Action close Recommended Action None Revision 1 Context Parameters Rule Information Connection 2 1...

Страница 210: ...D 00600005 Default Severity INFORMATIONAL Log Message Connection closed Explanation A connection has been closed Gateway Action close Recommended Action None Revision 1 Context Parameters Rule Informa...

Страница 211: ...planation State inspector would not open a new connection for this TCP packet since the combination of TCP flags is wrong Only packets with the SYN TCP flag set as the only TCP flag are allowed to ope...

Страница 212: ...ped Gateway Action reject Recommended Action None Revision 1 Context Parameters Rule Name Connection Packet Buffer 2 11 11 reverse_connect_attempt ID 00600015 Default Severity WARNING Log Message Disa...

Страница 213: ...TCP UDP destination port or TCP source port was set to 0 Dropping Explanation The TCP UDP destination or TCP source port was set to 0 which is not allowed Dropping packet Gateway Action drop Recommen...

Страница 214: ...0023 Default Severity INFORMATIONAL Log Message Connection used to forward a packet Explanation A packet has passed through the connection Gateway Action None Recommended Action None Revision 1 Contex...

Страница 215: ...ult Severity INFORMATIONAL Log Message FTPALG Active data channel closed Explanation An active data channel was closed Gateway Action None Recommended Action None Revision 1 Context Parameters ALG Mod...

Страница 216: ...Rule Information Connection Chapter 2 Log Message Reference 216...

Страница 217: ...p4addr 2 12 2 lease_changed ID 00700002 Default Severity WARNING Log Message Some vital parameter s in the lease on interface iface have changed restarting DHCP process Explanation The DHCP server hav...

Страница 218: ..._seconds Context Parameters Packet Buffer 2 12 5 lease_expired ID 00700005 Default Severity NOTICE Log Message Interface iface lease expired Explanation A lease have expired and the ip data for this i...

Страница 219: ...alid server ID server_id Explanation An interface received a lease with an invalid server ID parameter Gateway Action drop Recommended Action Check DHCP server configuration Revision 1 Parameters ifac...

Страница 220: ...Log Message Interface iface received a lease with an invalid offered IP offered_ip Explanation An interface received a lease with an invalid offered IP address Gateway Action drop Recommended Action C...

Страница 221: ...er 2 12 13 ip_collision ID 00700014 Default Severity WARNING Log Message Interface iface received a lease which if used will cause an IP collision DHCP IP dhcp_ip collides with configured route config...

Страница 222: ...eived a lease which if used will cause a route collision with a configured route Gateway Action drop Recommended Action Check DHCP server configuration and SG interface configuration Revision 1 Parame...

Страница 223: ...sage DHCP relay list was successfully auto saved to disk Explanation The DHCP relay list was successfully written to disk Gateway Action None Recommended Action None Revision 1 2 13 3 dhcp_pkt_too_sma...

Страница 224: ...anation The maximum DHCP packets per minute limit for the relayer have been reached Gateway Action None Recommended Action Verify packets per minute limit Revision 1 Context Parameters Packet Buffer 2...

Страница 225: ...should be canceled Gateway Action relay_canceled Recommended Action None Revision 1 Parameters client_ip Context Parameters Packet Buffer 2 13 9 got_reply_without_transaction_state ID 00800009 Default...

Страница 226: ...n t add DHCP relay route Dropping Explanation Unable to add DHCP relay route since out of memory Gateway Action drop Recommended Action Check firewall memory consumption Revision 1 Context Parameters...

Страница 227: ...relayed INFORM DHCP packet with illegally mismatching source and client IP Gateway Action drop Recommended Action Investigate what client implementation is being used Revision 1 Context Parameters Ru...

Страница 228: ...og Message BOOTP DHCP server at dest_ip is unroutable Dropping Explanation Unable to find route to specified DHCP server Gateway Action drop Recommended Action Update routing table with a route to the...

Страница 229: ...eters Rule Name Packet Buffer 2 13 20 relayed_request ID 00800020 Default Severity NOTICE Log Message Relayed DHCP request type from client client_hw to dest_ip Explanation Relayed a DHCP request Gate...

Страница 230: ...ecurity equivalent interface setting Revision 1 Parameters client_hw Context Parameters Rule Name Packet Buffer 2 13 23 assigned_ip_not_allowed ID 00800023 Default Severity WARNING Log Message DHCP BO...

Страница 231: ...dest_ip already exists which points to another interface Dropping Explanation An ambiguous host route indicating another interface was detected trying to setup a dynamic hostroute for a client Gateway...

Страница 232: ...8 relayed_dhcp_reply ID 00800028 Default Severity NOTICE Log Message Relayed DHCP reply type to gateway gateway_ip Explanation Relayed DHCP reply to a gateway Gateway Action None Recommended Action No...

Страница 233: ...Revision 1 Parameters gateway_ip Context Parameters Rule Name Packet Buffer Chapter 2 Log Message Reference 233...

Страница 234: ...ge The option section is too big unable to reply Dropping Explanation Unable to send reply since the DHCP option section is too big Gateway Action drop Recommended Action Reduce the number of used DHC...

Страница 235: ...ion drop Recommended Action Investigate what client implementation is being used Revision 1 Context Parameters Packet Buffer 2 14 6 request_for_ip_from_non_bound_client_without_state ID 00900006 Defau...

Страница 236: ...bound client for IP client_ip without state Ignoring Explanation Received a request from an unbound client without state Gateway Action None Recommended Action None Revision 1 Parameters client client...

Страница 237: ...t_hw Explanation A client lease wasn t renewed and timed out Gateway Action lease_inactive Recommended Action None Revision 1 Parameters client_ip client_hw Context Parameters Rule Name 2 14 12 lease_...

Страница 238: ...client_hw Sending IP offer offer_ip Explanation Received discover initial IP query from a client Gateway Action None Recommended Action None Revision 1 Parameters client_hw offer_ip Context Parameter...

Страница 239: ...og Message Client client_hw requested non bound IP Rejecting Explanation Client requested a non bound IP Gateway Action reject Recommended Action None Revision 1 Parameters client_hw client_wanted bou...

Страница 240: ...e Got INFORM request from client client_hw Acknowledging Explanation Got an inform client already got an IP and asks for configuration parameters request from a client Gateway Action acknowledging Rec...

Страница 241: ...1 Parameters client_hw Context Parameters Rule Name Packet Buffer 2 14 23 declined_by_client ID 00900024 Default Severity WARNING Log Message Client client_hw declined IP client_ip IP blacklisted Expl...

Страница 242: ...ient_ip on wrong interface recv recv_if lease client_if Decline is ignored Explanation Got release from a client on the wrong interface Gateway Action None Recommended Action Check network for inconsi...

Страница 243: ...client_ip Context Parameters Rule Name Packet Buffer Chapter 2 Log Message Reference 243...

Страница 244: ...hosts Revision 1 Parameters iface ip6addr 2 15 2 lease_acquired ID 07300003 Default Severity NOTICE Log Message Interface iface have successfully acquired a lease Explanation An interface have succes...

Страница 245: ...vision 1 Parameters iface 2 15 5 adv_bad_status ID 07300006 Default Severity WARNING Log Message DHCPv6 server Advertisment unsuccessful status on iface Status code Explanation A DHCPv6 Advertisment w...

Страница 246: ..._offered ID 07300009 Default Severity WARNING Log Message DHCPv6 server Reply offered a bad address address on iface Explanation A DHCPv6 Reply was received containing a bad ip address Gateway Action...

Страница 247: ...vision 1 Parameters preferred valid iface 2 15 11 ip_collision ID 07300012 Default Severity WARNING Log Message Interface iface received an offer which if used will cause an IP collision DHCPv6 IP dhc...

Страница 248: ...NG Log Message Server ID option missing in received message Explanation The received packet is missing vital information Gateway Action drop Recommended Action Investigate what client implementation i...

Страница 249: ...Unable to get a buffer for sending Gateway Action None Recommended Action Check buffer consumption Revision 1 2 16 6 sending_reply ID 07400006 Default Severity NOTICE Log Message Received SOLICIT wit...

Страница 250: ...s lease Gateway Action renew Recommended Action None Revision 1 Parameters client_hw iface client_ip 2 16 9 client_rebound ID 07400009 Default Severity NOTICE Log Message Client client_hw on iface ren...

Страница 251: ...Extend the pool to support more IP addresses Revision 1 Context Parameters Rule Name 2 16 12 bad_udp_checksum ID 07400012 Default Severity WARNING Log Message Received DHCPv6 packet with bad UDP check...

Страница 252: ...sed Revision 1 Context Parameters Packet Buffer 2 16 15 invalid_options_length ID 07400015 Default Severity WARNING Log Message Received DHCPv6 packet with faulty options size Dropping Explanation Rec...

Страница 253: ...essage Unexpected message type Advertise in received packet Explanation Received DHCPv6 packet with unexpected message type Advertise Gateway Action drop Recommended Action None Revision 1 Context Par...

Страница 254: ...ype Relay reply in received packet Explanation Received DHCPv6 packet with unexpected message type Relay reply Gateway Action drop Recommended Action None Revision 1 Context Parameters Packet Buffer 2...

Страница 255: ...f IP addresses for the FQDN has been exceeded Gateway Action ignore Recommended Action None Revision 1 Parameters name 2 17 2 ipv4_max_addresses ID 08000002 Default Severity WARNING Log Message FQDN o...

Страница 256: ...ry consumption Revision 1 Context Parameters Dynamic Route Rule Name Route 2 18 2 route_exported_to_ospf_as ID 01100002 Default Severity NOTICE Log Message Route exported to OSPF AS Explanation A rout...

Страница 257: ...memory consumption Revision 1 Context Parameters Dynamic Route Rule Name Route 2 18 5 route_added ID 01100005 Default Severity NOTICE Log Message Route added Explanation A route was just added Gatewa...

Страница 258: ...Revision 1 Context Parameters Dynamic Route Rule Name Route Chapter 2 Log Message Reference 258...

Страница 259: ...ive fragment contained fragments Dropping Explanation An Internal Error occured when freeing an active fragment Dropping packet Gateway Action drop Recommended Action None Revision 1 Context Parameter...

Страница 260: ...t and freeing resources Gateway Action drop Recommended Action None Revision 1 Parameters srcip destip ipproto fragid fragact frags Context Parameters Dropped Fragments Rule Name 2 19 5 fail_suspect_t...

Страница 261: ...None Revision 1 Parameters srcip destip ipproto fragid fragact frags Context Parameters Dropped Fragments Rule Name 2 19 7 disallowed_suspect ID 02000007 Default Severity WARNING Log Message Dropping...

Страница 262: ...None Revision 1 Parameters srcip destip ipproto fragid fragact frags Context Parameters Dropped Fragments Rule Name 2 19 9 drop_frags_of_illegal_packet ID 02000009 Default Severity WARNING Log Message...

Страница 263: ...gact frags Context Parameters Dropped Fragments Rule Name 2 19 11 learn_state ID 02000011 Default Severity ERROR Log Message Internal Error Invalid state state Explanation Internal Error the fragmente...

Страница 264: ...ecommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 19 14 frag_offset_plus_length_not_in_range ID 02000014 Default Severity ERROR Log Message Fragment offset length not in r...

Страница 265: ...reassembled IP packet has an invalid IP data length Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters ipdatalen Context Parameters Rule Name Packet Buffer 2 19 17 bad_i...

Страница 266: ...Explanation The fragment has an invalid offset Dropping packet Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 19 20 duplicate_frag_with_different_l...

Страница 267: ...Default Severity ERROR Log Message Fragments partially overlap Explanation Two fragments partially overlap Dropping packet Gateway Action drop Recommended Action None Revision 1 Context Parameters Rul...

Страница 268: ...agment of completed packet Explanation A completed reassembled IP packet contains a extraneous fragment which is dropped Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule...

Страница 269: ...llegal packet Explanation A fragment of an illegal IP packet is dropped Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 19 29 fragments_available_fr...

Страница 270: ...ment last fragment with zero offset Dropping packet Explanation A fragment with More Fragments flag cleared and an Offset of zero is not a legal fragment Dropping packet Gateway Action drop Recommende...

Страница 271: ...load the IPv4 Geolocation database Gateway Action None Recommended Action None Revision 1 Parameters protocol reason 2 20 2 database_load_failed ID 08100002 Default Severity WARNING Log Message Unabl...

Страница 272: ...s ID 02200002 Default Severity WARNING Log Message GRE packet with bad flag s Packet dropped Explanation Received GRE packet with a bad flag combination Gateway Action drop Recommended Action Check GR...

Страница 273: ...th error Packet dropped Explanation Received GRE packet with length error Gateway Action drop Recommended Action Check GRE endpoint configuration Revision 1 Context Parameters Packet Buffer 2 21 6 gre...

Страница 274: ...sion 1 Parameters session_key Context Parameters Packet Buffer 2 21 8 gre_routing_flag_set ID 02200008 Default Severity WARNING Log Message Received GRE packet with routing flag set Packet dropped Exp...

Страница 275: ...NOTICE Log Message Peer firewall disappeared Explanation The peer gateway which was inactive is not available anymore This gateway will continue to stay active Gateway Action None Recommended Action N...

Страница 276: ...ill de activate Gateway Action deactivate Recommended Action None Revision 1 2 22 6 peer_has_more_connections ID 01200006 Default Severity NOTICE Log Message Both active peer has more connections deac...

Страница 277: ...Log Message Both inactive peer has more connections staying inactive Explanation Both members are inactive but the peer has more connections This gateway will stay inactive Gateway Action stay_deacti...

Страница 278: ...ction drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 22 13 should_have_arrived_on_sync_iface ID 01200044 Default Severity WARNING Log Message This packet should h...

Страница 279: ..._commit_error ID 01200052 Default Severity WARNING Log Message The merged HA configuration contains errors Explanation The merged HA configuration contains errors and can not be commited Gateway Actio...

Страница 280: ...ve reason Explanation Linkmon requested the node to go inactive Gateway Action None Recommended Action None Revision 1 Parameters reason 2 22 20 resync_conns_to_peer ID 01200100 Default Severity WARNI...

Страница 281: ...s expired A new connection will be establised by reconnecting to the peer Gateway Action reconnect Recommended Action None Revision 2 2 22 23 hasync_connection_failed_timeout ID 01200202 Default Sever...

Страница 282: ...nc_iface ID 01200410 Default Severity WARNING Log Message Received state sync packet on non sync iface Dropping Explanation A HA state sync packet was recieved on a non sync interface This should neve...

Страница 283: ...g_sync_failure ID 01200500 Default Severity CRITICAL Log Message Tried to synchronize configuration to peer 3 times without success Giving up Explanation The gateway tried to synchronize the configura...

Страница 284: ...e activation in progress Gateway Action activate Recommended Action None Revision 2 2 22 32 going_online ID 01200618 Default Severity NOTICE Log Message Ha unit going online Explanation Ha unit going...

Страница 285: ...ecommended Action Shutdown the unit and determine the problem Revision 1 Parameters index name unit current_temp min_limit max_limit 2 23 2 temperature_normal ID 04000012 Default Severity WARNING Log...

Страница 286: ...outside the specified limit Current value is current_voltage unit lower limit is min_limit upper limit is max_limit Explanation The sensor reports that the voltage value is back in the normal range Ga...

Страница 287: ...lue is back in the normal range Gateway Action None Recommended Action None Revision 1 Parameters index name unit current_fanrpm min_limit max_limit 2 23 7 gpio_alarm ID 04000041 Default Severity WARN...

Страница 288: ...gpio min_limit max_limit 2 23 9 free_memory_warning_level ID 04000101 Default Severity WARNING Log Message Free memory has fallen below the specified limit of limit_percentage percent limit classified...

Страница 289: ...and disable or lower settings to reduce memory consumption Revision 1 Parameters limit_megabyte total_mem free_mem free_percentage severity 2 23 11 free_memory_normal_level ID 04000103 Default Severit...

Страница 290: ...e ID if you suspect an attack Revision 2 Parameters description signatureid idrule ipproto srcip srcport destip destport internalid Context Parameters Rule Name Deep Inspection 2 24 2 idp_notice ID 01...

Страница 291: ...the traffic Gateway Action close Recommended Action Research the advisory searchable by the unique ID Revision 2 Parameters description signatureid idrule ipproto srcip srcport destip destport interna...

Страница 292: ...p Destination Port destport Internal ID internalid Explanation A scan signature matched the traffic Gateway Action None Recommended Action Research the advisory searchable by the unique ID Revision 2...

Страница 293: ...E Log Message Intrusion detected description Signature ID signatureid ID Rule idrule Protocol ipproto Source IP srcip Source Port srcport Destination IP destip Destination Port destport Internal ID in...

Страница 294: ...p Inspection 2 24 9 invalid_url_format ID 01300009 Default Severity ERROR Log Message Failed to parse the HTTP URL ID Rule idrule URL url Source IP srcip Source Port srcport Destination IP destip Dest...

Страница 295: ...Rule Name 2 24 11 idp_evasion ID 01300011 Default Severity ERROR Log Message Failed to reassemble data ID Rule idrule Source IP srcip Source Port srcport Destination IP destip Destination Port destpor...

Страница 296: ...ng connection Explanation The unit failed to scan data The reason for this is due to low amount of memory Gateway Action close Recommended Action Review your configuration Revision 1 Parameters idrule...

Страница 297: ...to scan data Gateway Action close Recommended Action None Revision 1 Parameters idrule srcip srcport destip destport reason Context Parameters Rule Name 2 24 16 idp_failscan ID 01300016 Default Severi...

Страница 298: ...d since the signature file has been disabled or no signature file was found Gateway Action idp_scanning_aborted Recommended Action For IDP scanning a valid license with IDP enabled must be installed I...

Страница 299: ...2 host_idp_piped ID 06100002 Default Severity NOTICE Log Message Dynamic pipe state added for host host Throughput limited to limit for all new connections for ttl seconds Explanation An IDP Pipe even...

Страница 300: ...meters replaced_host old_host_ttl 2 25 5 idp_piped_state_expire ID 06100005 Default Severity DEBUG Log Message Removed IDP dynamic pipe state for host host due to TTL expire Explanation An old dynamic...

Страница 301: ...ited to limit Explanation A new connection is piped to limit kbps since either the source or destination IP is dynamically throttled by IDP dynamic pipe state New connections to and from the IP will b...

Страница 302: ...ameters reason 2 26 2 idp_database_downloaded ID 01400002 Default Severity NOTICE Log Message New Intrusion Detection Prevention database downloaded Explanation An updated version of the Intrusion Det...

Страница 303: ...gnature file IDP disabled Explanation The system clock is not up to date The system clock must be set correctly in order to use the IDP features IDP features remains disabled until clock is correct an...

Страница 304: ...ownloading_new_database Recommended Action None Revision 1 2 26 8 sigfile_parser_error ID 01400018 Default Severity WARNING Log Message Signature file is corrupted and will be removed Explanation An e...

Страница 305: ...tus_bad ID 03900003 Default Severity WARNING Log Message IfaceMon reports interface problems on iface Resetting interface Link status linkspeed Mbps duplex duplex Explanation The Interface Monitor has...

Страница 306: ...Recommended Action None Revision 1 Parameters iface linkspeed duplex Chapter 2 Log Message Reference 306...

Страница 307: ...at interface iface Explanation I am no longer the IMGP Querier at the specified interface Gateway Action None Recommended Action None Revision 1 Parameters dest iface 2 28 3 invalid_dest_ip_address I...

Страница 308: ...ers Packet Buffer 2 28 5 failed_restarting_igmp_conn ID 04200006 Default Severity EMERG Log Message Could not restart the IGMP listening conn Reason Out of memory Explanation Could not restart the IGM...

Страница 309: ...s found inside group specific query This is most likely a faulty SAT config Gateway Action drop Recommended Action Check your IGMP ruleset to see if a muticast group somehow might be translated into a...

Страница 310: ...Query at interface iface Explanation This is most likely a faulty IGMP configuration but may also indicate faulty software on the network Under special circumstances this could be an active attempt to...

Страница 311: ...G Log Message IGMP Group record grp from interface recv_if contains auxilliary data Explanation This software support IGMPv1 IGMPv2 and IGMPv3 and none of them support the feature known as Auxilliary...

Страница 312: ...p record request group grp which is not a multicast group Explanation This is most likely a faulty IGMP config Gateway Action drop Recommended Action Specifically check for inconsistent SAT NAT inform...

Страница 313: ...RNING Log Message Rule name drops multicast sender src for group record grp in Member Report at interface iface Explanation IGMP Member Report contains an unwanted IP sender Gateway Action drop Recomm...

Страница 314: ...ction drop Recommended Action Increase global IGMPMaxReqs per second limit if more requests are wanted Revision 1 Parameters ipsrc iface 2 28 20 max_if_requests_per_second_reached ID 04200021 Default...

Страница 315: ...tion Invalid IGMP message type received Gateway Action drop Recommended Action None but keep an eye open for malfunctional software hardware on the network Revision 1 Parameters MSGType Context Parame...

Страница 316: ...ty mode on interface iface has ended Entering IGMPv nigmpver mode Explanation The router has not heard any IGMPv igmpver general queries and will switch and use IGMPv nigmpver version when snooping pr...

Страница 317: ...lt Severity NOTICE Log Message 6in4 tunnel iface resolved remotegwname to remotegw Explanation The 6in4 tunnel succesfully resolved the DNS name of remote endpoint Gateway Action None Recommended Acti...

Страница 318: ...s senderip Context Parameters Packet Buffer 2 29 5 6in4_length_error ID 07800005 Default Severity WARNING Log Message 6in4 packet length error Packet dropped Explanation Received 6in4 packet with leng...

Страница 319: ...valid IPv6 sender in 6in4 tunnel senderip Packet dropped Explanation Packet should be dropped according to RFC 4213 since the source IP address is invalid Gateway Action drop Recommended Action Check...

Страница 320: ...t Severity ERROR Log Message No valid DHCP offers were received Explanation No valid DHCP offers were received Gateway Action no_new_client_created Recommended Action Review DHCP server parameters and...

Страница 321: ...lease was rejected due to a server filter Explanation A lease was rejected by a server filter Gateway Action lease_rejected Recommended Action Verify the server filters Revision 1 Parameters server_i...

Страница 322: ...was rejected due to a bad offered broadcast address Explanation A lease was rejected due to a bad offered broadcast address Gateway Action lease_rejected Recommended Action Check DHCP server configur...

Страница 323: ...sage The lease was rejected since it seem to be occupied Explanation A lease was rejected since it seem to be occupied Gateway Action lease_rejected Recommended Action Check DHCP server configuration...

Страница 324: ...of clients for this IP pool have been reached Explanation The maximum number of clients for this pool have been reached Gateway Action no_new_client_created Recommended Action Verify max clients limit...

Страница 325: ...1 Parameters client_ip subsystem Context Parameters Rule Name 2 30 17 ip_returned_to_pool ID 01900017 Default Severity NOTICE Log Message Subsystem returned an IP to the pool Explanation A subsystem...

Страница 326: ...1800101 Default Severity WARNING Log Message Warning event occured because of reason Explanation Warning event from IPsec stack Gateway Action None Recommended Action None Revision 1 Parameters reason...

Страница 327: ...fault Severity NOTICE Log Message Local IP local_ip Remote IP remote_ip Cookies cookies Reason reason Explanation None Gateway Action None Recommended Action None Revision 1 Parameters local_ip remote...

Страница 328: ...emote_ip cookies reason 2 31 8 ike_retry_limit_reached ID 01800108 Default Severity NOTICE Log Message Local IP local_ip Remote IP remote_ip Cookies cookies Reason reason Explanation The retry limit f...

Страница 329: ...ket Gateway Action drop Recommended Action None Revision 1 Parameters source_ip dest_ip spi seq protocol reason 2 31 11 icv_failure ID 01800111 Default Severity NOTICE Log Message Source IP source_ip...

Страница 330: ...3 Default Severity NOTICE Log Message Source IP source_ip Destination IP dest_ip SPI spi Seq seq Protocol protocol Reason reason Explanation The received packet could not be mapped to an appropriate S...

Страница 331: ...to transmit a packet that would result in sequence number overflow Gateway Action None Recommended Action None Revision 1 Parameters source_ip dest_ip spi seq protocol reason 2 31 16 bad_padding ID 01...

Страница 332: ...dest_ip spi seq protocol reason 2 31 18 hardware_acceleration_failure ID 01800118 Default Severity NOTICE Log Message Source IP source_ip Destination IP dest_ip SPI spi Seq seq Protocol protocol Reas...

Страница 333: ...commit IPsec configuration Explanation Failed to commit IPsec configuration Gateway Action IPsec_configuration_disabled Recommended Action Reconfigure_IPsec Revision 1 2 31 21 commit_succeeded ID 018...

Страница 334: ...4 failed_to_start_ipsec ID 01800205 Default Severity CRITICAL Log Message Failed to start IPsec Explanation Failed to start IPsec Policy Manager create did not complete Gateway Action ipsec_disabled R...

Страница 335: ...ne Revision 1 2 31 28 failed_to_configure_IPsec ID 01800209 Default Severity CRITICAL Log Message Failed during configuration with error error_msg for tunnel tunnel Explanation Failed to set IPsec con...

Страница 336: ...fault Severity ERROR Log Message Failed to reconfigure IPsec Explanation Failed to reconfigure IPsec No policymanager object Gateway Action new_ipsec_configuration_disabled Recommended Action None Rev...

Страница 337: ...eters local_id tunnel 2 31 35 Failed_to_add_certificate ID 01800302 Default Severity ERROR Log Message Failed add host certificate certificate for tunnel tunnel Explanation Failed to add specified hos...

Страница 338: ...operties ID 01800305 Default Severity ERROR Log Message Failed to set properties for IKE algorithm alg for tunnel tunnel Explanation Failed to set specified properties keysize lifetimes for IKE algori...

Страница 339: ...9 Default Severity WARNING Log Message Failed to resolve remote endpoint endpoint for IPsec Tunnel ipsectunnel Disabling IPsec tunnel Explanation Failed to resolve remote endpoint through DNS Gateway...

Страница 340: ...ed_to_add_rules ID 01800314 Default Severity ERROR Log Message Failed to commit rules after remote endpoint endpoint have been resolved by DNS for IPsec tunnel ipsectunnel Explanation Failed to add ru...

Страница 341: ...INFORMATIONAL Log Message Peer peer has been detected dead Explanation A remote peer have been detected as dead This will cause all tunnels associated with the peer to be taken down Gateway Action IPs...

Страница 342: ...20 Default Severity CRITICAL Log Message Try to read out external keyporvider object when no policymanager object avaliable Explanation Try to read out external keyporvider object when no policymanage...

Страница 343: ...efault Severity ERROR Log Message Failed to configure Remote ID remote_id for tunnel tunnel Explanation Failed to configure tunnel with specified remote id Gateway Action RemoteID_disabled Recommended...

Страница 344: ...es not exist ippool Explanation The config mode pool refers to an IP pool that does not exist As a result IPsec clients using config mode will not be able lease IP addresses Gateway Action None Recomm...

Страница 345: ...ssage Freed IP ip from use in IKE config mode Explanation A dynamically allocated IP was freed from use with IKE config Gateway Action None Recommended Action None Revision 2 Parameters ip 2 31 60 cfg...

Страница 346: ...None Recommended Action None Revision 1 Parameters ippool 2 31 63 cfgmode_failed_to_add_ip ID 01800407 Default Severity WARNING Log Message Failed to add IP to address table Explanation The IP address...

Страница 347: ...Log Message IPsec tunnel ipsec_connection is disabled Packet will be dropped Explanation A packed was dropped due to the IPsec interface being disabled Gateway Action packet_will_be_dropped Recommende...

Страница 348: ...IPsec interface disabled Gateway Action None Recommended Action None Revision 1 2 31 70 no_route ID 01800507 Default Severity WARNING Log Message Failed to lookup route No route for packet to remote...

Страница 349: ...will_fail Recommended Action Reconfigure Revision 1 2 31 73 insufficient_resources_for_eap ID 01800602 Default Severity ERROR Log Message Insufficient resources for EAP protocol Explanation Insufficie...

Страница 350: ...HROUGH is not set as authentication method Gateway Action None Recommended Action None Revision 1 2 31 77 eap_not_supported ID 01800606 Default Severity ERROR Log Message No support for EAP RADIUS no...

Страница 351: ...tity ID 01800609 Default Severity ERROR Log Message Failed to get EAP identity for tunnel tunnelname Explanation Failed to get EAP identity Gateway Action eap_authentication_will_fail Recommended Acti...

Страница 352: ...ommended Action None Revision 1 2 31 84 no_eap_identity ID 01800613 Default Severity ERROR Log Message No EAP identity established Explanation No EAP identity established Gateway Action eap_authentica...

Страница 353: ...Timeout internal error received from RADIUS server Gateway Action radius_communication_disabled Recommended Action None Revision 1 2 31 88 radius_reject ID 01800634 Default Severity ERROR Log Message...

Страница 354: ...AP packet detected Explanation Length less than 4 indicates that the EAP packet was invalid Gateway Action eap_packet_discarded Recommended Action None Revision 1 2 31 92 outofmem_forward_eap_packet I...

Страница 355: ...erver Explanation Failed to send the EAP identity response to the RADIUS server Gateway Action eap_packet_dropped Recommended Action None Revision 1 2 31 95 no_imsi ID 01800641 Default Severity WARNIN...

Страница 356: ...eer and IMSI Gateway Action None Recommended Action None Revision 1 Parameters peer imsi 2 31 98 ipsec_sa_peer_imsi ID 01800903 Default Severity INFORMATIONAL Log Message Child SA established with pee...

Страница 357: ...2 31 100 ike_sa_rekeyed ID 01800905 Default Severity INFORMATIONAL Log Message IKE SA rekeyed Local IKE peer local_ip local_port local_id Remote IKE peer remote_iface remote_ip remote_port remote_id...

Страница 358: ...t local_id remote_id local_ike_spi remote_ike_spi peer_dead 2 31 102 ipsec_sa_created ID 01800907 Default Severity INFORMATIONAL Log Message IPsec SA created Source IP local_ip Destination IP remote_i...

Страница 359: ...n None Revision 3 Parameters ipsec_if local_ip remote_ip cfgmode_ip esp_spi_in esp_spi_out old_spi ike_spi_i ike_spi_r esp_cipher esp_cipher_keysize esp_mac esp_mac_keysize life_seconds life_kilobytes...

Страница 360: ...ey_out mac_key_out 2 31 106 out_of_memory ID 01801100 Default Severity ALERT Log Message Out of memory while trying to report a connection to the UNC Explanation System ran out of memory while allocat...

Страница 361: ...connection established with scip_server on port server_port Explanation A SCIP connection was established Gateway Action None Recommended Action None Revision 1 Parameters scip_server server_port 2 3...

Страница 362: ...address ipaddress port Explanation SCIP packet dropped Out of sockets No new connection could be set up Gateway Action drop Recommended Action None Revision 1 Parameters ipaddress port 2 31 113 trigg...

Страница 363: ...Revision 1 2 31 116 max_ipsec_sa_negotiations_reached ID 01802004 Default Severity WARNING Log Message The maximum number of active Quick Mode negotiations reached Rekey not done Explanation Maximum n...

Страница 364: ...els 2 31 119 ike_sa_rekey_failed ID 01802020 Default Severity WARNING Log Message Rekey of IKE sa failed statusmsg status Local IKE peer local_peer Remote IKE peer remote_peer Initiator SPI spi_i Resp...

Страница 365: ...spi_i Responder SPI spi_r Explanation Negotiation of IKE SA failed Gateway Action no_ike_sa Recommended Action None Revision 5 Parameters statusmsg reason local_peer remote_peer spi_i spi_r initiator...

Страница 366: ...IKE peer local_peer Remote IKE peer remote_peer Initiator SPI ike_spi_i Responder SPI ike_spi_r Explanation IPsec SA negotiation failed Gateway Action ipsec_sa_disabled Recommended Action None Revisio...

Страница 367: ...061 Default Severity ERROR Log Message Could not narrow traffic selectors SA from policy rule Explanation Failed to narrow configured traffic selectors Gateway Action ipsec_sa_negotiation_aborted Reco...

Страница 368: ...Gateway Action VPN_tunnel_invalid Recommended Action Reconfigure_PSK Revision 1 2 31 131 nat_mapping_changed_ipsec ID 01802080 Default Severity INFORMATIONAL Log Message NAT mapping changed Local end...

Страница 369: ...Psec Revision 1 2 31 134 no_key_method_configured_for tunnel ID 01802102 Default Severity ERROR Log Message Tunnel does not specify any keying method IKE or manual Explanation No keying method IKE man...

Страница 370: ...ule_setting ID 01802105 Default Severity ERROR Log Message Both REJECT and PASS defined for a rule Explanation Can not specify both pass and reject for a rule Gateway Action None Recommended Action No...

Страница 371: ...sec Revision 1 2 31 141 input_traffic_selector_corrupt ID 01802112 Default Severity ERROR Log Message Input traffic selector contains more than the built in maximum number of items Explanation Input t...

Страница 372: ...ngine database Explanation Failed to add rule to engine database Gateway Action tunnel_will_not_work_as_expected Recommended Action None Revision 1 2 31 145 no_algorithms_configured_for_tunnel ID 0180...

Страница 373: ...s forbidden by RFC 2406 Explanation Tunnel is configured with invalid algorithm ESP NULL NULL Gateway Action VPN_tunnel_disabled Recommended Action Reconfigure_tunnel Revision 1 Parameters tunnel 2 31...

Страница 374: ...ded Action Reconfigure_tunnel Revision 1 Parameters keysize tunnel max 2 31 151 invalid_mac_keysize ID 01802206 Default Severity ERROR Log Message Configured max MAC key size keysize is bigger for tun...

Страница 375: ...Revision 2 Parameters tunnel 2 31 154 invalid_tunnel_configuration ID 01802209 Default Severity ERROR Log Message Auto start tunnel tunnel configured for per port or per host SA Explanation per port o...

Страница 376: ...Default Severity ERROR Log Message Out of memory Could not allocate memory tunnel tunnel endpoints Explanation Out of memory Could not allocate memory for tunnel endpoints Gateway Action VPN_tunnel_di...

Страница 377: ...unknown algorithm Explanation Algorithm key sizes specified for unknown algorithm Gateway Action VPN_tunnel_disabled Recommended Action Reconfigure_tunnel Revision 2 2 31 161 invalid_key_size ID 0180...

Страница 378: ...econfigure_tunnel Revision 1 Parameters keysize max 2 31 164 invalid_key_size ID 01802219 Default Severity ERROR Log Message Tunnel specified key size limits for mac alg with fixed key size Explanatio...

Страница 379: ...ameters localaddr remoteaddr srcif 2 31 167 no_tunnel_id_specified ID 01802222 Default Severity ERROR Log Message No tunnel identity specified for tunnel Explanation No tunnel identity specified in co...

Страница 380: ...ity specified in configuration Gateway Action VPN_tunnel_invalid Recommended Action Reconfigure_remote_id Revision 1 Parameters id 2 31 171 several_secrets_specified_for_tunnel ID 01802226 Default Sev...

Страница 381: ...ched ID 01802401 Default Severity NOTICE Log Message The maximum number of active IKE rekeys reached Explanation Maximum number of active IKE rekeys reached Gateway Action rekey_aborted Recommended Ac...

Страница 382: ...ated Recommended Action None Revision 1 2 31 178 warning_level_ike_sa_reached ID 01802405 Default Severity WARNING Log Message The number of active IKE SAs reached 90 of the maximum allowed Explanatio...

Страница 383: ...ntext Gateway Action None Recommended Action None Revision 1 Parameters filename 2 31 182 could_not_decode_certificate ID 01802600 Default Severity WARNING Log Message Could not decode Certificate to...

Страница 384: ...could_not_set_cert_to_non_CRL_issuer ID 01802603 Default Severity WARNING Log Message Could not set CA certificate to non CRL issuer This may cause authentication errors if valid CRLs are not availab...

Страница 385: ...te into local database Gateway Action certificate_disabled Recommended Action None Revision 1 2 31 189 could_not_decode_certificate ID 01802607 Default Severity WARNING Log Message Could not decode Ce...

Страница 386: ...ould not decode CRL The certificate may be corrupted or it was given in unrecognized format File format may be wrong Explanation Could_not_decode_CRL Gateway Action certificate_invalid Recommended Act...

Страница 387: ...was given in unrecognized format Explanation Could_not_decode_certificate Gateway Action certificate_invalid Recommended Action None Revision 1 2 31 196 cfgmode_exchange_event ID 01802709 Default Sev...

Страница 388: ...None Recommended Action None Revision 1 Parameters dns_server 2 31 199 remote_access_wins ID 01802712 Default Severity INFORMATIONAL Log Message WINS for remote access attributes win Explanation WINS...

Страница 389: ...2715 Default Severity WARNING Log Message Event msg occured for IKE SA side Internal severity level int_severity Explanation Event occured at IKE SA Gateway Action None Recommended Action None Revisio...

Страница 390: ...ers reason int_severity 2 31 205 outofmem_create_policy_manager ID 01802800 Default Severity CRITICAL Log Message Failed to create Policy Manger Explanation Could not allocate memory for policymanager...

Страница 391: ...y for engine object Gateway Action ipsec_disabled Recommended Action None Revision 1 2 31 209 failed_init_fastpath ID 01802902 Default Severity CRITICAL Log Message Failed to initialize fastpath Expla...

Страница 392: ...ay Action ipsec_disabled Recommended Action None Revision 1 2 31 213 maximum_nr_of_ipsec_sa_per_ike_sa_reached ID 01803000 Default Severity ERROR Log Message Maximum number max_ipsec of allowed IPsec...

Страница 393: ...og Message Warning Host certificate certname has expired not_valid_after Explanation Host certificate has expired Gateway Action None Recommended Action None Revision 1 Parameters certname not_valid_a...

Страница 394: ...destroyed Explanation Failed to link an imported IKE SA with an userauthentication object Gateway Action None Recommended Action None Revision 1 Parameters peer imsi 2 31 219 faild_to_find_userauthob...

Страница 395: ...Log Message Hardware acceleration of RSA CRT calculation failed msg Explanation The failed calculation will be made in software instead Hardware acceleration can fail due to valid reasons like a full...

Страница 396: ...pond on ICMP ping All IKE and IPsec SAs for the tunnel interface will be deleted and traffic routed into the tunnel will trigger a new IKE negotiation against the remote peer Gateway Action sas_delete...

Страница 397: ...o attach RADIUS errorcode server in IKE negotiation for peer peer_ip peer_port Explanation Failed to attach RADIUS server communication IKE negotiation will fail Gateway Action fail_ike_negotiation Re...

Страница 398: ...ity NOTICE Log Message ND entry was added to the ND cache Explanation ND entry was added to the ND cache Gateway Action added_entry Recommended Action None Revision 1 Parameters enetaddr ipaddr iface...

Страница 399: ...eached ID 06400030 Default Severity NOTICE Log Message Neighbor Discovery cache size limit reached Explanation The Neighbor Discovery cache size limit has been reached Current license limit is limit G...

Страница 400: ...8 nd_option_hw_address_mismatch ID 06400033 Default Severity NOTICE Log Message ND Link Layer option Enet sender mismatch Dropping packet Explanation The Neighbor Discovery packet Link Layer option d...

Страница 401: ...k equipment exists Revision 1 Context Parameters Rule Name Packet Buffer 2 32 11 nd_illegal_lladdress_option_size ID 06400036 Default Severity WARNING Log Message Illegal option size Dropping Explanat...

Страница 402: ...t Parameters Rule Name Packet Buffer 2 32 14 nd_illegal_redirect_option_size ID 06400039 Default Severity WARNING Log Message Illegal option size Dropping Explanation The Neighbor Discovery packet opt...

Страница 403: ...ID 06400042 Default Severity WARNING Log Message Neighbor Discovery packet truncated at ND option Dropping Explanation The Neighbor Discovery packet is truncated at ND option Dropping packet Gateway A...

Страница 404: ...rget IP targetip is my address but Ethernet address targetenet is not Dropping Explanation The Neighbor Advertisement packet target IP address matches that of the receiving interface but the target li...

Страница 405: ...Action Verify that no faulty network equipment exists Revision 1 Parameters senderip Context Parameters Rule Name Packet Buffer 2 32 23 nd_multicast_target_address ID 06400048 Default Severity WARNING...

Страница 406: ...erity NOTICE Log Message Allowed by expect rule in access section Explanation The Neighbor Discovery sender IP address is verified by an expect rule in the access section Gateway Action access_allow R...

Страница 407: ...or Advertisement packet is missing the Target Link Layer option Dropping packet Gateway Action drop Recommended Action Verify that no faulty network equipment exists Revision 1 Parameters senderip Con...

Страница 408: ...for static entry hw address cachedenet advertised as targetenet Dropping packet Explanation A Neighbor Advertisement for a configured static entry was received Dropping packet Gateway Action drop Rec...

Страница 409: ...ded Action None Revision 1 Parameters ipaddress oldenet newenet Context Parameters Rule Name Packet Buffer 2 32 34 nd_update_entry_request ID 06400059 Default Severity NOTICE Log Message ND cache entr...

Страница 410: ...Message Neighbor Discovery packet ethernet destination is broadcast Dropping Explanation The Neighbor Discovery packet ethernet destination is broadcast Dropping packet Gateway Action drop Recommende...

Страница 411: ...work equipment exists Revision 1 Parameters destip Context Parameters Rule Name Packet Buffer 2 32 39 nd_rs_illegal_option ID 06400064 Default Severity WARNING Log Message Router Solicitation packet c...

Страница 412: ...d an entry in the Neighbor Discovery cache Gateway Action allow Recommended Action None Revision 1 Parameters ipaddress oldenet newenet Context Parameters Rule Name Packet Buffer 2 32 42 nd_update_ent...

Страница 413: ...069 Default Severity WARNING Log Message Neighbor Discovery destination address destip is multicast but the solicited flag is set Dropping Explanation The Neighbor Discovery destination IP address is...

Страница 414: ...solve the address conflict by changing the ethernet address on the interface or on the conflicting host IPv6 disabled Gateway Action IPv6_Disabled Recommended Action Resolve the address conflict Revis...

Страница 415: ...f options more than ICMP6MaxOptND optcount Explanation Received a packet with number of options more than ICMP6MaxOptND Gateway Action drop Recommended Action None Revision 1 Parameters optcount Conte...

Страница 416: ...ra_prefix ID 06400077 Default Severity NOTICE Log Message Interface iface have successfully processed a Router Advertisement Prefix Information option Explanation An interface have successfully proce...

Страница 417: ...ID 06400079 Default Severity NOTICE Log Message Unable to find router on interface iface Explanation The gateway has solicited the local network for a router but have not received a reply Gateway Act...

Страница 418: ...p_ver ID 01500002 Default Severity WARNING Log Message Disallowed IP version ipver Explanation The received packet has a disallowed IP version and will be dropped Gateway Action drop Recommended Actio...

Страница 419: ...packet Gateway Action drop Recommended Action None Revision 1 Parameters iptotlen recvlen Context Parameters Rule Name Packet Buffer 2 33 5 invalid_ip_checksum ID 01500005 Default Severity WARNING Log...

Страница 420: ...flow label value Explanation The received packet with flow label other than zero Gateway Action drop Recommended Action None Revision 1 Parameters flow_label Context Parameters Rule Name Packet Buffe...

Страница 421: ...traffic class value Explanation The received packet with traffic class other than zero Gateway Action drop Recommended Action None Revision 1 Parameters traffic_class Context Parameters Rule Name Pac...

Страница 422: ...t Severity WARNING Log Message Packet is too small to contain IPv6 header Explanation The received packet is too small to contain an IPv6 header and will be dropped Gateway Action drop Recommended Act...

Страница 423: ...rs ttl ttlmin Context Parameters Rule Name Packet Buffer 2 34 2 ip_rsv_flag_set ID 01600002 Default Severity NOTICE Log Message The IP Reserved Flag was set Ignoring Explanation The received packet ha...

Страница 424: ...h too low HopLimit of hoplimit Min HopLimit is hoplimitmin Ignoring Explanation The received packet has a HopLimit field which is too low Ignoring and forwarding packet anyway Gateway Action ignore Re...

Страница 425: ...stamp ID 01700002 Default Severity NOTICE Log Message Packet has a timestamp IP Option Explanation The packet contains a timestamp IP Option Ignoring Gateway Action ignore Recommended Action None Revi...

Страница 426: ...byte available avail Dropping Explanation The IP Option type is multi byte which requires two bytes and there is less than two bytes available Dropping packet Gateway Action drop Recommended Action No...

Страница 427: ...ction drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 35 8 bad_length ID 01700013 Default Severity WARNING Log Message IP Option Type ipopt Bad length optlen for r...

Страница 428: ...ion disallowed Dropping Explanation The packet has a source route which is disallowed Dropping packet Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer...

Страница 429: ...pt Bad Timestamp Pointer tsptr Dropping Explanation The packet contains an invalid Timestamp Pointer Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters ipopt tsptr Conte...

Страница 430: ...ert_bad_len ID 01700021 Default Severity WARNING Log Message IP Option Type ipopt Bad length optlen Dropping Explanation Packet contains a router alert IP Option which has an invalid Length Dropping p...

Страница 431: ...pt optname Context Parameters Rule Name Packet Buffer 2 35 19 invalid_ip6payload_for_jumbo ID 01700039 Default Severity WARNING Log Message Non zero ip6 payload length for jumbo option Explanation Rec...

Страница 432: ...t Parameters Rule Name 2 35 22 invalid_ip6payload_for_jumbo ID 01700042 Default Severity WARNING Log Message Non zero ip6 payload length for jumbo option Explanation Received a non zero ip6 payload le...

Страница 433: ...25 recvd_jumbo ID 01700045 Default Severity WARNING Log Message Received a jumbo option packet Explanation Received a jumbo option packet Gateway Action drop Recommended Action None Revision 1 Context...

Страница 434: ...t Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name 2 35 29 rcvd_router_alert ID 01700049 Default Severity WARNING Log Message Received Router Alert option Packet Exp...

Страница 435: ...ay Action drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 35 32 invalid_option ID 01700052 Default Severity WARNING Log Message Invalid IPv6 extension header optio...

Страница 436: ...one Revision 1 Context Parameters Rule Name 2 35 35 rcvd_ha_Option ID 01700055 Default Severity WARNING Log Message Received Home address option Packet Explanation Received Home address option Packet...

Страница 437: ...erity WARNING Log Message Option data containing non zero value Explanation Option data containing non zero value Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name 2...

Страница 438: ...t destination mismatch Explanation IP and ethernet destination mismatch Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name 2 35 42 invalid_optlen ID 01700062 Default S...

Страница 439: ...acket other than in destination header Gateway Action none Recommended Action None Revision 1 Context Parameters Rule Name 2 35 45 excessive_padding ID 01700066 Default Severity WARNING Log Message Mu...

Страница 440: ...ule Name 2 35 48 more_optcount ID 01700069 Default Severity WARNING Log Message Number of options more than IP6MaxOPH optcount Explanation Received a packet with number of options more than IP6MaxOPH...

Страница 441: ...1700072 Default Severity WARNING Log Message Routing header with type 2 packet Explanation Received Routing header type 2 packet Gateway Action none Recommended Action None Revision 1 Context Paramete...

Страница 442: ...eader type 0 packet Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name 2 35 55 too_small_packet ID 01700076 Default Severity WARNING Log Message Packet is too small to...

Страница 443: ...ed Action None Revision 1 Context Parameters Rule Name 2 35 58 invalid_ip6_exthdr ID 01700079 Default Severity WARNING Log Message Extension header length is greater than IP6ExtHdr Setting Explanation...

Страница 444: ...Recommended Action None Revision 1 Context Parameters Rule Name Chapter 2 Log Message Reference 444...

Страница 445: ...er not match it Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters ip_multicast_addr eth_multicast_addr Context Parameters Rule Name Packet Buffer 2 36 2 invalid_ip4_hea...

Страница 446: ...min Dropping Explanation The received packet has a TTL Time To Live field which is too low Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters ttl ttlmin Context Paramete...

Страница 447: ...TCP header IPDataLen ipdatalen TCPHdrLen tcphdrlen Dropping Explanation The TCP packet contains an invalid header Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters ipda...

Страница 448: ...lt Severity WARNING Log Message Configured size limit for the ICMP protocol exceeded Dropping Explanation The configured size limit for the ICMP protocol was exceeded Dropping packet Gateway Action dr...

Страница 449: ...ever not match it This is a known exploit though the gateway is currently configured to forward these packets Gateway Action ignore Recommended Action None Revision 1 Parameters ip_multicast_addr eth_...

Страница 450: ...size limit for the AH protocol exceeded Dropping Explanation The configured size limit for the AH protocol was exceeded Dropping packet Gateway Action drop Recommended Action This can be changed under...

Страница 451: ...36 18 oversize_ipip ID 07000055 Default Severity WARNING Log Message Configured size limit for the IPIP protocol exceeded Dropping Explanation The configured size limit for the IPIP protocol was excee...

Страница 452: ...ended Action This can be changed under the Advanced Settings section Revision 1 Parameters proto Context Parameters Rule Name Packet Buffer 2 36 21 oversize_ip ID 07000058 Default Severity WARNING Log...

Страница 453: ...The received packet has a HopLimit field which is too low Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters hoplimit hoplimitmin Context Parameters Rule Name Packet Bu...

Страница 454: ...n ICMPIPVer icmpipver Dropping Explanation An invalid IP version is specified in the ICMP data Version 4 expected Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters icmp...

Страница 455: ...mended Action None Revision 1 Parameters icmpdatalen icmpipdatalen icmpipdataminlen Context Parameters Rule Name Packet Buffer 2 36 29 invalid_icmp_data_invalid_paramprob ID 07000075 Default Severity...

Страница 456: ...n is beyond the scope of the source address Dropping Explanation Link local source address and a global scope destination address Dropping packet Gateway Action drop Recommended Action Verify that no...

Страница 457: ...Severity WARNING Log Message L2TP client iface failed to resolve remotegwname Explanation The L2TP client failed to resolve the DNS name of the remote gateway Gateway Action None Recommended Action M...

Страница 458: ...5 unknown_l2tp_auth_source ID 02800005 Default Severity WARNING Log Message Unknown L2TP authentication source for rule Tunnel ID tunnelid Session ID sessionid Explanation The authentication source f...

Страница 459: ...lanation The L2TP session with the specified session ID has been closed The session was set up using the specified tunnel Gateway Action None Recommended Action None Revision 1 Parameters iface sessio...

Страница 460: ...equest sent Tunnel ID tunnelid Explanation An L2TP session request has been sent over the specified L2TP tunnel Gateway Action None Recommended Action None Revision 1 Parameters tunnelid 2 37 11 l2tp_...

Страница 461: ...NOTICE Log Message L2TP session request received Tunnel ID tunnelid Explanation A new session request was received on the specified tunnel Gateway Action None Recommended Action None Revision 1 Param...

Страница 462: ...on 1 2 37 16 l2tpclient_tunnel_up ID 02800018 Default Severity NOTICE Log Message L2TP tunnel to remotegw is up Tunnel ID tunnelid Explanation L2TP tunnel negotiated successfully Gateway Action None R...

Страница 463: ...OTICE Log Message Closed L2TP session Session ID sessionid Tunnel ID ctrlconnid Explanation The L2TP session with the specified session ID has been closed The session was set up using the specified tu...

Страница 464: ...CE Log Message L2TP session up Control Connection ID ctrlconnid Session ID sessionid Explanation The L2TP session negotiation has completed successfully Gateway Action None Recommended Action None Rev...

Страница 465: ...re that the IP address is configured correctly on the L2TP server interface or that the DHCP server can hand out a proper IP address to the interface Revision 1 Parameters iface 2 37 25 no_session_fou...

Страница 466: ...p_expired ID 07700002 Default Severity NOTICE Log Message The partner system on physiface has timed out due to no message being received in timeout seconds Explanation LACP has not received a periodic...

Страница 467: ...link Recommended Action Verify that all configured Member interfaces are physically connected to the same properly configured system Revision 1 Parameters physiface laiface 2 38 5 lacp_link_speed_mism...

Страница 468: ...disabled because it is operating at Half Duplex which is unsupported by the Link Aggregation feature Explanation The specified interface has been disabled because it is operating at Half Duplex which...

Страница 469: ...ame 2 39 2 removed_translation_address ID 05600002 Default Severity WARNING Log Message Translation IP address address does no longer exist in NATPool poolname Explanation The translation IP has been...

Страница 470: ...red ID 05600006 Default Severity WARNING Log Message NATPool DHCP address address lease expired Explanation The IP Address used by this NATPool have expired and may not be used any more The connection...

Страница 471: ...been reached for NATPool poolname Replacing lingering state replacedip Explanation The maximum configured number of states for this NAT Pool have been reached NATPool subsystem will try to replace the...

Страница 472: ...oolname Explanation Attempt to activate an already active Translation IP Gateway Action None Recommended Action None Revision 1 Parameters poolname ip 2 39 11 registerip_failed ID 05600012 Default Sev...

Страница 473: ...nchronize Translation IP address to peer Gateway Action None Recommended Action Check status of peer and verify High Availability configuration Revision 1 2 39 14 registerip_failed ID 05600015 Default...

Страница 474: ...0 2 internal_error ID 02400002 Default Severity WARNING Log Message Internal Error Iface iface got NEvent nevent in NState nstate Ignored Explanation Internal error in the OSPF interface neighbor stat...

Страница 475: ...mended Action Check the configuration on the neighboring router Revision 1 Parameters ospflen iplen type Context Parameters Rule Name Packet Buffer 2 40 5 bad_ospf_version ID 02400005 Default Severity...

Страница 476: ...g router not within the same area as the receive interface Gateway Action drop Recommended Action Make sure all locally attached OSPF routers are in the same area as the attaching interfaces Revision...

Страница 477: ...evision 1 Parameters recv_interval my_interval Context Parameters Rule Name Packet Buffer 2 40 10 hello_rtr_dead_mismatch ID 02400010 Default Severity WARNING Log Message Hello router dead interval mi...

Страница 478: ...smatch Received was recv_n_flag mine is my_n_flag Dropping Explanation Received OSPF data from a neighboring router with mismatching N flag NSSA details configuration Gateway Action drop Recommended A...

Страница 479: ...et Buffer 2 40 15 auth_mismatch ID 02400050 Default Severity WARNING Log Message Authentication mismatch Received was recv_auth mine is my_auth Explanation Authentication mismatch with neighboring OSP...

Страница 480: ...PF router share the same crypto key id Revision 1 Parameters recv_id my_id Context Parameters Rule Name 2 40 18 bad_auth_crypto_seq_number ID 02400053 Default Severity WARNING Log Message Authenticati...

Страница 481: ...Action drop Recommended Action Check network equipment for problems Revision 1 Parameters recv_chksum my_chksum Context Parameters Rule Name 2 40 21 dd_mtu_exceeds_interface_mtu ID 02400100 Default S...

Страница 482: ...isused the I flag Restarting exchange Explanation Neighbor misused the I flag Gateway Action restart Recommended Action None Revision 1 Parameters neighbor Context Parameters Rule Name 2 40 24 opt_cha...

Страница 483: ...n exchange Restarting exchange Explanation Received a non dup database descriptor from a neighbor in a higher state then exchange Gateway Action restart Recommended Action None Revision 1 Parameters n...

Страница 484: ...Default Severity WARNING Log Message Got LSA with bad sequence number seqnum Restarting exchange Explanation Received a LSA with a bad sequence number Gateway Action restart Recommended Action None R...

Страница 485: ...00151 Default Severity WARNING Log Message Unknown LSA type lsa_type LSA is discarded Explanation Received LSA of unknown type Gateway Action discard Recommended Action Check originating router config...

Страница 486: ...WARNING Log Message Received AS EXT LSA on stub LSA is discarded Explanation Received AS external LSA which is illegal on a stub area Gateway Action discard Recommended Action None Revision 1 Context...

Страница 487: ...ers Rule Name 2 40 38 got_ack_mismatched_lsa ID 02400157 Default Severity WARNING Log Message Got ACK for mismatched LSA LSA lsa ID lsaid AdvRtr lsartr ACK ingored Explanation Received acknowledge for...

Страница 488: ...1 ack_packet_lsa_size_mismatch ID 02400160 Default Severity WARNING Log Message ACK packet LSA size mismatch Parsing aborted Explanation Received OSPF ACK packet with a mismatching LSA size Gateway Ac...

Страница 489: ...ity WARNING Log Message Received Router LSA which contains mismatched Link State ID lsaid and Advertising Router lsartr LSA is discarded Explanation Received LSA of incompatible Link State ID and Adve...

Страница 490: ...number of OSPF routers on the network Revision 1 Parameters iface Context Parameters Rule Name 2 40 47 neighbor_died ID 02400202 Default Severity WARNING Log Message Neighbor neighbor on neighborifac...

Страница 491: ...ter lsaadvrtr Explanation Unable to map an identifier for a LSA Gateway Action None Recommended Action None Revision 1 Parameters lsatype lsaid lsaadvrtr Context Parameters Rule Name 2 40 50 lsa_size_...

Страница 492: ...ING Log Message Memory usage for OSPF process ospfproc have now exceeded 90 percent of the maximum allowed Explanation The memory usage for a OSPF process have exceeded 70 percent of the maximum allow...

Страница 493: ...ce attached to stub network stub Explanation Unable to find local interface attached to stub network Gateway Action None Recommended Action Contact support with a scenario description Revision 1 Param...

Страница 494: ...rs Rule Name 2 40 58 internal_error_unable_to_find_lnk_connecting_to_lsa ID 02400403 Default Severity WARNING Log Message Internal error Unable to find my link connecting to described LSA RtrVtxId rtr...

Страница 495: ...ace attached back Gateway Action None Recommended Action Contact support with a scenario description Revision 1 Parameters rtrvtxid Context Parameters Rule Name 2 40 61 bad_iface_type_mapping_rtr_to_r...

Страница 496: ...everity CRITICAL Log Message Internal Error Memory allocation failure OSPF process now considered inconsistent Explanation Memory allocation failure Gateway Action alert Recommended Action Check memor...

Страница 497: ...route route OSPF process should now be considered inconsistent Explanation Unable to add route Gateway Action alert Recommended Action Check memory consumption Revision 1 Parameters route Context Para...

Страница 498: ...eters tunnel_type 2 41 2 ip_address_required_but_not_received ID 02500002 Default Severity WARNING Log Message IP address required but not received PPP terminated Explanation Peer refuses to give out...

Страница 499: ...Default Severity WARNING Log Message Primary NBNS address required but not received PPP terminated Explanation Peer refuses to give out a primary NBNS address Since reception of a primary NBNS address...

Страница 500: ..._to_use_authentication ID 02500051 Default Severity ERROR Log Message Peer refuses to use authentication PPP terminated Explanation Peer refuses to use any authentication at all PPP is terminated sinc...

Страница 501: ...ppp_terminated Recommended Action Upgrade your license to allow more simultaneous PPP tunnels Revision 1 Parameters tunnel_type limit 2 41 11 authentication_failed ID 02500101 Default Severity WARNING...

Страница 502: ...Default Severity WARNING Log Message PPP MSCHAPv1 username was truncated because it was too long Explanation PPP MSCHAPv1 username was truncated because it was too long Gateway Action mschapv1_usernam...

Страница 503: ...ed because it was too long Explanation PPP PAP password was truncated because it was too long Gateway Action pap_password_truncated Recommended Action Reconfigure the endpoints to use a shorter passwo...

Страница 504: ...Explanation There was an error while authenticating using a local user database PPP Authentication terminated Gateway Action authentication_terminated Recommended Action None Revision 1 Parameters tu...

Страница 505: ...is either means that the decryption failed or that the peer actually sent data using an unsupported protocol PPP is terminated Gateway Action ppp_terminated Recommended Action Reconnect the tunnel If...

Страница 506: ...for the interface have been established Gateway Action None Recommended Action None Revision 1 Parameters iface pppoeserver auth ifaceip downtime 2 42 2 pppoe_tunnel_closed ID 02600002 Default Severi...

Страница 507: ...nt iface failed to resolve remotegwname Explanation The PPTP client failed to resolve the DNS name of the remote gateway Gateway Action None Recommended Action Make sure you have configured the DNS na...

Страница 508: ...down the PPTP connection Gateway Action pptp_connection_closed Recommended Action Make sure the userauth rules are configured correctly Revision 1 Parameters rule remotegw callid 2 43 5 user_disconne...

Страница 509: ...equired ID 02700007 Default Severity WARNING Log Message MPPE failed but is required closing session callid to remotegw on iface Explanation MPPE is required by the configuration but the MPPE negotiat...

Страница 510: ...specified interface remote gateway and call ID identify the specific session Gateway Action ignore Recommended Action None Revision 1 Parameters iface type callid remotegw 2 43 11 failure_init_radius...

Страница 511: ...c session Gateway Action None Recommended Action None Revision 1 Parameters callid iface remotegw user auth mppe assigned_ip 2 43 13 pptp_session_up ID 02700013 Default Severity WARNING Log Message PP...

Страница 512: ...ssage PPTP session callid to remotegw on iface has been idle for too long Closing it Explanation A PPTP session has been idle for too long Session will be closed Gateway Action close_session Recommend...

Страница 513: ...w connected to iface Explanation A remote PPTP client has established a connection to this PPTP server Gateway Action None Recommended Action None Revision 1 Parameters iface remotegw 2 43 19 ctrlconn...

Страница 514: ...TICE Log Message PPTP tunnel to remotegw on iface closed Explanation The PPTP tunnel to has been closed Gateway Action None Recommended Action None Revision 1 Parameters iface remotegw 2 43 22 pptp_co...

Страница 515: ...D 02700026 Default Severity WARNING Log Message Did not find a matching userauth rule for the incoming PPTP connection Interface iface Remote gateway remotegw Explanation The PPTP server was unsuccess...

Страница 516: ...to listen on Explanation The PPTP server cannot start until it has a proper IP address to listen on Gateway Action None Recommended Action Make sure that the IP address is configured correctly on the...

Страница 517: ...username imsi mac iface 2 44 2 user_reauthenticated ID 07500002 Default Severity NOTICE Log Message User username was reauthenticated Explanation A user was re authenticated Gateway Action None Recom...

Страница 518: ...on None Recommended Action None Revision 1 Parameters username imsi mac iface ip 2 44 5 user_authentication_rejected ID 07500005 Default Severity NOTICE Log Message User username authentication was re...

Страница 519: ...e same MAC address as an already authenticated user The current user will be logged out Gateway Action logout_current_user Recommended Action None Revision 1 Parameters username imsi mac iface ip newu...

Страница 520: ...MAC address logging out current user Explanation An already authenticated user is logging in from a new MAC address than before The current user instance will be logged out Gateway Action logout_curre...

Страница 521: ...Firewall Monitoring Current uptime uptime The value of name is above the high threshold High threshold threshold Current mean of numbersamples currentvalue Explanation High threshold passed Gateway Ac...

Страница 522: ...ed Action None Revision 1 Parameters uptime name threshold numbersamples currentvalue 2 45 4 value_above_low_threshold ID 054xxxxx Default Severity INFORMATIONAL Log Message Firewall Monitoring Curren...

Страница 523: ...egment with invalid checksum Explanation A TCP segment with an invalid checksum was received The segment will be dropped Gateway Action drop Recommended Action None Revision 1 Context Parameters Conne...

Страница 524: ...cket Explanation The gateway ran out of resources when trying to allocate resources to send a packet The packet that triggered the need to send a packet will be dropped Gateway Action drop Recommended...

Страница 525: ...sage Maximum connections limit reached Explanation The reassembly subsystem has reached the maximum number of concurrent connections Gateway Action none Recommended Action Consider increasing the sett...

Страница 526: ...ID 04100002 Default Severity WARNING Log Message Interface iface Table table Net net Unable to open conn for PING trying again later Explanation Unable to open a connection to verify the status of th...

Страница 527: ...ailed to register PING Route Monitor Gateway Action route_not_monitored Recommended Action None Revision 1 Parameters iface table net gateway 2 47 5 unable_to_register_pingmon ID 04100005 Default Seve...

Страница 528: ...ute disabled no ARP reply from Gateway gateway Explanation Route is not available and has been disabled Did not receive a ARP reply from the gateway Gateway Action route_disabled Recommended Action No...

Страница 529: ...commended Action None Revision 1 Parameters iface table net gateway 2 47 10 no_link ID 04100010 Default Severity ERROR Log Message Interface iface has no link reason reason all associated routes disab...

Страница 530: ...nitored Unable to register Interface Monitor Gateway Action no_monitoring Recommended Action None Revision 1 Parameters iface table net gateway 2 47 13 unable_to_register_interface_monitor ID 04100013...

Страница 531: ...ommended Action None Revision 1 Parameters iface table net 2 47 15 hostmon_successful ID 04100015 Default Severity NOTICE Log Message Interface iface Table table Net net Route enabled host monitoring...

Страница 532: ...Severity NOTICE Log Message IP address verfied according to ACCESS section Explanation The IP address was verified according to the ACCESS section Gateway Action access_allow Recommended Action None R...

Страница 533: ...ty WARNING Log Message Destination address is the 0 net Dropping Explanation The destination address was the 0 net which is not allowed according to the configuration The packet is dropped Gateway Act...

Страница 534: ...er 2 48 8 block127net ID 06000013 Default Severity WARNING Log Message Destination address is the 127 net Accepting Explanation The destination address was the 127 net which is allowed according to th...

Страница 535: ...ity WARNING Log Message Destination address is the 0 8 net Dropping Explanation The destination address was the 0 8 net which is not allowed according to the configuration The packet is dropped Gatewa...

Страница 536: ...ne Revision 1 Context Parameters Rule Name Packet Buffer 2 48 14 directed_broadcasts ID 06000031 Default Severity NOTICE Log Message Packet directed to the broadcast address of the destination network...

Страница 537: ...ed behaviour modify the rule set Revision 1 Context Parameters Rule Information Packet Buffer 2 48 17 ruleset_drop_packet ID 06000051 Default Severity WARNING Log Message Packet dropped by rule set Dr...

Страница 538: ...ss fqdn_name used in IPPolicy dir filter Explanation The IPPolicy address filter was updated by the DNS Cache Gateway Action policy_updated Recommended Action None Revision 1 Parameters fqdn_name dir...

Страница 539: ...lt Severity INFORMATIONAL Log Message IP address ip removed from FQDN address fqdn_name used in IPPolicy dir filter Explanation The IPPolicy address filter was updated by the DNS Cache Gateway Action...

Страница 540: ...ecommended Action Verify that the configured DNS server is reachable Revision 1 Parameters fqdn_name dir Context Parameters Rule Name 2 48 25 dns_error ID 06000076 Default Severity ERROR Log Message D...

Страница 541: ...ay Context Parameters Connection 2 49 2 httpposter_failure ID 06600101 Default Severity WARNING Log Message Failed to update host using HTTP Poster retry in retry_delay seconds Explanation The HTTP Po...

Страница 542: ...Gateway Action None Recommended Action None Revision 1 Parameters host retry_delay reason Chapter 2 Log Message Reference 542...

Страница 543: ...50 2 sesmgr_session_denied ID 04900002 Default Severity WARNING Log Message New session denied for User user Database database IP ip Type type Explanation New session denied in Session Manager Gatewa...

Страница 544: ...tion none Recommended Action None Revision 1 Parameters user access database ip type 2 50 5 sesmgr_session_timeout ID 04900005 Default Severity NOTICE Log Message Session has timed out for User user D...

Страница 545: ...pe type Explanation Could not create new console new session will be removed Gateway Action remove_session Recommended Action Check maximum number of sessions and consoles Revision 1 Parameters user d...

Страница 546: ...e Explanation Disabled session has been activated Gateway Action none Recommended Action None Revision 1 Parameters user database ip type 2 50 11 sesmgr_session_disabled ID 04900011 Default Severity N...

Страница 547: ...access level set for User user Database database IP ip Type type Explanation No access level set for user new session denied Gateway Action deny_session Recommended Action Check user settings Revision...

Страница 548: ...Gateway Action file_error Recommended Action Check available memory Revision 1 2 50 16 sesmgr_techsupport ID 04900018 Default Severity NOTICE Log Message Sending technical support file Explanation Te...

Страница 549: ...nded Action None Revision 1 Parameters server_ip Context Parameters Rule Name 2 51 2 server_offline ID 02900002 Default Severity WARNING Log Message SLB Server server_ip is offline according to monito...

Страница 550: ...t_timeout ID 03000002 Default Severity WARNING Log Message Timeout connecting to SMTP server smtp_server Send aborted Explanation The unit timed out while trying to establish a connection to the SMTP...

Страница 551: ...xplanation The SMTP server reject the connection attempt No SMTP Log will be sent Gateway Action abort_sending Recommended Action Verify that a SMTP Server is configured to accept connections from the...

Страница 552: ...ient recipient Explanation The SMTP server rejected the recipient No SMTP Log will be sent Gateway Action None Recommended Action Verify that the SMTP server is configured to accept this recipient Rev...

Страница 553: ...tion The SMTP server rejected the message text No SMTP Log will be sent Gateway Action None Recommended Action Verify that the SMTP server is properly configured Revision 1 Parameters smtp_server 2 52...

Страница 554: ...ation The DNS server reports that there is no record of the configured FQDN address Gateway Action None Recommended Action Verify that the FQDN address was entered correctly Revision 1 Parameters fqdn...

Страница 555: ...ddress ip added to FQDN address fqdn_name used in SMTP logger logger Explanation The IP address for the SMTP server used by logger logger could not be updated Gateway Action smtplogger_fail Recommende...

Страница 556: ...logger Chapter 2 Log Message Reference 556...

Страница 557: ...t Parameters Connection 2 53 2 invalid_snmp_community ID 03100002 Default Severity NOTICE Log Message Disallowed SNMP from peer invalid community string Explanation The SNMP community string is invali...

Страница 558: ...acters Revision 1 Parameters peer Context Parameters Connection 2 53 5 snmp3_authentication_failed ID 03100102 Default Severity NOTICE Log Message Disallowed SNMP from peer authentication failed Expla...

Страница 559: ...op Recommended Action Find out what is sending these SNMP messages and take appropriate action to stop these messages Revision 1 Parameters peer Context Parameters Connection 2 53 8 snmp3_rebooted_214...

Страница 560: ...0107 Default Severity NOTICE Log Message Disallowed SNMP from peer wrong SNMP version Explanation The SNMP request did not have the correct SNMP version Gateway Action drop Recommended Action Make sur...

Страница 561: ...ers Connection 2 53 13 snmp3_message_not_in_time_window ID 03100110 Default Severity ERROR Log Message Disallowed SNMP from peer received message not in time window Explanation Received message did no...

Страница 562: ...DH Key Exchange parse error when exchanging keys with client client Explanation A Diffie Hellman Key Exchange Failure occured when keys were exchanged with the client Connection will be closed Gatewa...

Страница 563: ...n failure Explanation The MAC received from the client is invalid The connection will be closed Gateway Action close Recommended Action None Revision 1 2 54 6 invalid_service_request ID 04700015 Defau...

Страница 564: ...e to toservice Client client Explanation User changed the service between two authentication phases which is not allowed Closing connection Gateway Action close Recommended Action None Revision 1 Para...

Страница 565: ...been reached Closing connection Client client Explanation The connect client has been inactive for too long and is forcibly logged out Closing connection Gateway Action close Recommended Action Incre...

Страница 566: ...t uses is not supported Closing connection Gateway Action close Recommended Action None Revision 1 Parameters keytype client 2 54 15 unsupported_pubkey_algo ID 04700057 Default Severity NOTICE Log Mes...

Страница 567: ...according to the remotes section Explanation The client is not allowed access to the SSH server Closing connection Gateway Action close Recommended Action If this client should be granted SSH access...

Страница 568: ...this ip ip Explanation SCP transfers can only be used if sessions has administrator access Closing connection Gateway Action close Recommended Action If there are other active administrator session t...

Страница 569: ...s remoteip remoteport localip localport ssliface 2 55 2 sslvpn_session_closed ID 06300011 Default Severity INFORMATIONAL Log Message SSLVPN session closed remoteip remoteport localip localport at ssli...

Страница 570: ...he specific session Gateway Action accounting_disabled Recommended Action Make sure the RADIUS accounting configuration is correct Revision 1 Parameters iface 2 55 5 sslvpn_connection_disallowed ID 06...

Страница 571: ...ser is forcibly disconnected Remote gateway remotegw Explanation The connected client is forcibly disconnected by the userauth system Gateway Action None Recommended Action None Revision 2 Parameters...

Страница 572: ...sion 1 Parameters rule iface remotegw 2 55 10 sslvpn_no_userauth_rule_found ID 06300226 Default Severity WARNING Log Message Did not find a matching userauth rule for the incoming SSL VPN connection I...

Страница 573: ...2 demo_mode ID 03200021 Default Severity ALERT Log Message The unit is running in DEMO mode and will eventually expire Install a license in order to avoid this Explanation None Gateway Action shutdow...

Страница 574: ...56 5 new_firmware_available ID 03200030 Default Severity NOTICE Log Message New firmware available Explanation A new firmware release is available for download Gateway Action None Recommended Action...

Страница 575: ...rity ERROR Log Message Nitrox II watchdog triggered Explanation Nitrox II watchdog triggered Gateway Action Reboot Recommended Action None Revision 1 2 56 9 nitrox2_restarted ID 03200208 Default Sever...

Страница 576: ...a dynamic port as it is out of memory Gateway Action None Recommended Action None Revision 1 Parameters reason localip destip 2 56 12 port_bind_failed ID 03200301 Default Severity WARNING Log Message...

Страница 577: ...IP pair has changed to Low Load because of low traffic Gateway Action None Recommended Action None Revision 1 Parameters localip destip 2 56 15 log_messages_lost_due_to_throttling ID 03200400 Default...

Страница 578: ...ption failed due to error Connection closed Gateway Action None Recommended Action None Revision 1 2 56 18 bidir_fail ID 03200600 Default Severity CRITICAL Log Message Failed to establish bi direction...

Страница 579: ...ile Gateway Action None Recommended Action Verfiy that the disk media is intact and that the file is not write protected Revision 1 Parameters old_cfg 2 56 21 disk_cannot_rename ID 03200604 Default Se...

Страница 580: ...e the present core executable Gateway Action None Recommended Action Consult the recommended action in the previous log message which contained a more detailed error description Revision 1 2 56 24 bid...

Страница 581: ...Blocked since blockedsince Explanation Too many failed login attempt for the user Gateway Action None Recommended Action None Revision 1 Parameters database username blockedremaining blockedsince 2 5...

Страница 582: ...ion requested by username from config_system client_ip Explanation Reconfiguration requested Gateway Action reconfiguration Recommended Action None Revision 1 Parameters username userdb client_ip conf...

Страница 583: ...erity NOTICE Log Message Firewall starting echo delay seconds Core corever Build build Current uptime uptime Using configuration file cfgfile localcfgver localcfgver remotecfgver remotecfgver Previous...

Страница 584: ...e Revision 2 Parameters authsystem username access_level interface usergroups authsource userdb server_ip server_port client_ip client_port 2 56 35 admin_logout ID 03203001 Default Severity NOTICE Log...

Страница 585: ...t 2 56 37 admin_authorization_failed ID 03203003 Default Severity WARNING Log Message Administrative user username successfully logged in via authsystem but is not authorized to access the system Expl...

Страница 586: ...nit failed to establish a connection back to peer using the new configuration The previous configuration will still be used Gateway Action using_prev_config Recommended Action Make sure that the new c...

Страница 587: ...al Date and Time has been modified by user Time and Date before change pre_change_date_time Time and Date after change post_change_date_time Explanation The local Date and Time of the unit has been ch...

Страница 588: ...eters authsystem username server_ip server_port client_ip client_port 2 56 45 admin_login_internal_error ID 03206002 Default Severity WARNING Log Message Internal error occured when administrative use...

Страница 589: ...ing to authentication requests Revision 1 Parameters authsystem interface username authsource server_ip server_port client_ip client_port 2 56 47 valid_rest_api_call ID 03207000 Default Severity NOTIC...

Страница 590: ...one Revision 1 Parameters URI Method Context Parameters User Authentication 2 56 50 method_not_allowed ID 03207012 Default Severity NOTICE Log Message Method not allowed Explanation REST API call fail...

Страница 591: ...Gateway Action None Recommended Action None Revision 1 Parameters URI Method Context Parameters User Authentication Chapter 2 Log Message Reference 591...

Страница 592: ...Settings sub system Revision 1 Parameters good_flag bad_flag Context Parameters Rule Name Packet Buffer 2 57 2 tcp_flags_set ID 03300002 Default Severity WARNING Log Message The TCP good_flag and bad...

Страница 593: ...t Stripping Explanation A bad TCP flag is set Removing it Gateway Action strip_flag Recommended Action None Revision 1 Parameters bad_flag Context Parameters Rule Name Packet Buffer 2 57 5 tcp_null_fl...

Страница 594: ...arameters Rule Name Packet Buffer 2 57 7 tcp_flag_set ID 03300009 Default Severity WARNING Log Message The TCP bad_flag flag is set Dropping Explanation The TCP flag is set Dropping packet Gateway Act...

Страница 595: ...vision 1 Parameters seqno origseqno Context Parameters Rule Name Connection Packet Buffer 2 57 10 mismatched_first_ack_seqno ID 03300012 Default Severity WARNING Log Message ACK packet with seq seqno...

Страница 596: ...end Dropping Explanation The RST flag sequence number is not within the receiver window Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters seqno winstart winend Context...

Страница 597: ...ay Action drop Recommended Action None Revision 1 Parameters ack accstart accend Context Parameters Rule Name Connection Packet Buffer 2 57 15 rst_without_ack ID 03300018 Default Severity NOTICE Log M...

Страница 598: ...stack could not accept incomming data since it has run out of large TCP receive windows This event was triggered num_events times during the last 10 seconds Gateway Action close Recommended Action If...

Страница 599: ...ot get a free socket This event was triggered num_events times during the last 10 seconds Gateway Action None Recommended Action None Revision 1 2 57 20 tcp_seqno_too_low_with_syn ID 03300025 Default...

Страница 600: ...t mss minmss Context Parameters Rule Name Packet Buffer 2 58 2 tcp_mss_too_low ID 03400002 Default Severity NOTICE Log Message TCP MSS mss too low TCPMSSMin minmss Adjusting Explanation The TCP MSS is...

Страница 601: ...high Adjusting to use the configured maximum MSS Gateway Action adjust Recommended Action None Revision 1 Parameters tcpopt mss maxmss Context Parameters Rule Name Packet Buffer 2 58 5 tcp_mss_above_l...

Страница 602: ...et has a type tcpopt TCP option Stripping it Explanation The packet has a TCP Option of the specified type Removing it Gateway Action strip Recommended Action None Revision 1 Parameters tcpopt Context...

Страница 603: ...commended Action None Revision 1 Parameters tcpopt len avail Context Parameters Rule Name Packet Buffer 2 58 10 bad_tcpopt_length ID 03400012 Default Severity WARNING Log Message Type tcpopt bad lengt...

Страница 604: ...PMSSMax maxmss Dropping Explanation The TCP MSS is too high Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters tcpopt mss maxmss Context Parameters Rule Name Packet Buff...

Страница 605: ...CP segment Explanation Multiple TCP window scale options present in a single TCP segment Gateway Action strip Recommended Action None Revision 1 Context Parameters Connection Packet Buffer 2 58 16 too...

Страница 606: ...Expected old got new will use effective Explanation TCP segment with a window scale option specifying a different shift count than previous segments was received The lower of the two values will be u...

Страница 607: ...ule Name 2 59 2 reminder_conn_threshold ID 05300101 Default Severity INFORMATIONAL Log Message Reminder Connection threshold description exceeded threshold Source IP srcip Explanation The source ip is...

Страница 608: ...ption Revision 1 Context Parameters Connection 2 59 5 failed_to_keep_connection_count ID 05300201 Default Severity ERROR Log Message Failed to keep connection count Reason Out of memory Explanation Th...

Страница 609: ...tions matching the threshold rule and originating from a single host exceeds the configured threshold The configured protective measures will be triggered Note This log message is rate limited via an...

Страница 610: ...e exceeds threshold The Offending host is srcip Explanation The number of connections matching the threshold rule exceeds the configured threshold The configured protective measures will be triggered...

Страница 611: ...s failed Clock not updated Explanation The unit failed to establish a connection with the time sync server The clock has not been updated Gateway Action clock_not_synced Recommended Action Verify that...

Страница 612: ...saving ID 03500011 Default Severity NOTICE Log Message Leaving standart time zone and switching to Daylight saving time Explanation Automatic DST is activated and time is adjusted by the system Gatewa...

Страница 613: ...Parameters location Chapter 2 Log Message Reference 613...

Страница 614: ...equipment Revision 1 Context Parameters Rule Name Packet Buffer 2 61 2 enet_hw_sender_broadcast ID 04400411 Default Severity NOTICE Log Message Ethernet hardware sender is a broadcast address Acceptin...

Страница 615: ...ess If there are try to change the behaviour of that equipment Revision 1 Context Parameters Rule Name Packet Buffer 2 61 5 enet_hw_sender_multicast ID 04400414 Default Severity NOTICE Log Message Eth...

Страница 616: ...ll be dropped Gateway Action drop Recommended Action Investigate if there are equipment sending packets using a multicast address as sender MAC address If there are try to change the behaviour of that...

Страница 617: ...MSTP and PVST Gateway Action drop Recommended Action If the frame format is invalid locate the unit which is sending the malformed frame Revision 1 Parameters recvif reason 2 61 11 relay_mpls_frame I...

Страница 618: ...2 61 13 invalid_mpls_packet ID 04400422 Default Severity WARNING Log Message Incoming MPLS packet on recvif dropped Reason reason Explanation An incoming MPLS packet has been dropped since it was malf...

Страница 619: ...y WARNING Log Message Received a RADIUS Accounting START response with an Identifier mismatch Ignoring this packet Explanation The unit received a response with an invalid Identifier mismatch This can...

Страница 620: ...commended Action Verify that the RADIUS Accounting server is properly configured Revision 2 Context Parameters User Authentication 2 62 5 no_accounting_start_server_response ID 03700005 Default Severi...

Страница 621: ...will not be sent to Authentication Server Explanation The unit failed to send an Accounting Stop event to the Accounting Server Accounting information will not be sent to the Accounting Server Gateway...

Страница 622: ...ounting_stop_server_response ID 03700010 Default Severity ALERT Log Message Did not receive a RADIUS Accounting STOP response User statistics might not have been updated on the Accounting Server Expla...

Страница 623: ...ccounting Server Accounting features will be disabled Gateway Action accounting_disabled Recommended Action None Revision 2 Context Parameters User Authentication 2 62 13 invalid_accounting_start_requ...

Страница 624: ...0 Default Severity NOTICE Log Message User timeout expired user is automatically logged out Explanation The user is automatically logged out as the configurated timeout expired Gateway Action user_rem...

Страница 625: ...tesrecv packetssent packetsrecv gigawrapsent gigawraprecv sestime Context Parameters User Authentication 2 62 18 accounting_interim_failure ID 03700051 Default Severity ALERT Log Message Failed to sen...

Страница 626: ...ccounting server User statistics might not have been updated on the Accounting Server Explanation The unit received an invalid response to an Accounting Interm event from the Accounting Server Account...

Страница 627: ...3 already_logged_in ID 03700101 Default Severity WARNING Log Message This user is already logged in Explanation A user with the same username as an already authenticated user tried to logged in and wa...

Страница 628: ...ssage Timeout during RADIUS user authentication contact with RADIUS server not established Explanation The unit did not receive a response from the RADIUS Authentication server and the authentication...

Страница 629: ...Log Message Error during LDAP user authentication contact with LDAP server not established Explanation The unit did not receive a response from the LDAP Authentication server and the authentication pr...

Страница 630: ...ult Severity ERROR Log Message Can t create new user request Authentication aborted Explanation Can t create new user request Gateway Action authentication_failed Recommended Action Check LDAP context...

Страница 631: ...d Action None Revision 1 Parameters reason 2 62 36 user_req_new_out_of_memory ID 03700406 Default Severity ALERT Log Message Out of memory while trying to allocate new User Request Explanation The uni...

Страница 632: ...efault Severity ALERT Log Message Cannot retrieve user password from LDAP database database Explanation Cannot retrive the user password from LDAP database making user authentication impossible Gatewa...

Страница 633: ...t share atleast one cipher Revision 1 Parameters client_ip 2 62 43 disallow_clientkeyexchange ID 03700501 Default Severity ERROR Log Message SSL Handshake Disallow ClientKeyExchange Closing down SSL c...

Страница 634: ...ge SSL Handshake Bad ClientHello message Closing down SSL connection Explanation The ClientHello message which is the first part of a SSL handshake is invalid and the SSL connection is closed Gateway...

Страница 635: ...ty ERROR Log Message SSL Handshake Bad ClientFinished message Closing down SSL connection Explanation The ClientFinished message which is a part of a SSL handshake is invalid and the SSL connection is...

Страница 636: ...ize Closing down SSL connection Explanation The negotiated cipher was an export cipher which does not allow the chosen certification size The certificate can not be sent and the SSL connection is clos...

Страница 637: ...ID 03707000 Default Severity NOTICE Log Message User logged in Idle timeout idle_timeout Session timeout session_timeout Explanation A user logged in and has been granted access Auth Rule grants imme...

Страница 638: ...rameters User Authentication 2 62 57 bad_user_credentials ID 03707003 Default Severity NOTICE Log Message Unknown user Explanation A user failed to log in The MAC address does not exist Gateway Action...

Страница 639: ...Revision 2 Context Parameters User Authentication 2 62 59 bad_user_credentials ID 03707005 Default Severity NOTICE Log Message Unknown user Explanation A user failed to log in Gateway Action None Rec...

Страница 640: ...meters filename description 2 63 2 odm_execute_action_reboot ID 05200002 Default Severity NOTICE Log Message Uploaded file filename was validated as description Rebooting system Explanation An uploade...

Страница 641: ...sage Uploaded package file filename could not be executed correctly Explanation An uploaded file was validated but could not be executed correctly This could be because the unit is out of disk space o...

Страница 642: ...Parameters filename 2 63 8 odm_license_warn ID 05200008 Default Severity NOTICE Log Message Uploaded file filename was validated as description Warned user to take action Explanation A license file w...

Страница 643: ...aas_lic_installation_failed ID 05208003 Default Severity EMERGENCY Log Message License file could not be installed Explanation None Gateway Action None Recommended Action None Revision 1 Chapter 2 Log...

Страница 644: ...clude_entry ID 03800002 Default Severity WARNING Log Message Unable to allocate exclude entry for host Explanation Unable to allocate exclude entry Unit is low on memory Gateway Action no_exclude Reco...

Страница 645: ...essage Unable to accommodate block request since out of MAC profiles on switch Explanation There are no free MAC profiles left on the switch No more hosts can be be blocked excluded on this switch Gat...

Страница 646: ...ate_to_media ID 03800008 Default Severity CRITICAL Log Message Failed to write ZoneDefense state to media Explanation Failed to write list of ZoneDefense state to media The media might be corrupt Gate...

Страница 647: ...e ID 03800011 Default Severity CRITICAL Log Message Failed to erase type profile profile on switch Explanation The switch returned an error while erasing a profile Gateway Action None Recommended Acti...

Страница 648: ...ation A configured action of type type has triggered ZoneDefense to block the host host at the configured ZoneDefense switches Gateway Action block Recommended Action Unblock the specified host using...

Страница 649: ...ity WARNING Log Message ZoneDefense is disabled on switch The system will try to enable it Explanation The switch responded that it has the ZoneDefense feature disabled System will try once to enable...

Страница 650: ...03800911 Default Severity INFORMATIONAL Log Message ZoneDefense unblocking unblock_type blocked host host Explanation A dynamically blocked host has been unblocked by ZoneDefense Gateway Action unbloc...

Страница 651: ...Chapter 2 Log Message Reference 651...

Страница 652: ...Chapter 2 Log Message Reference 652...

Отзывы:

Нет отзывов

Похожие инструкции для NetDefend DFL-260E

Бренд: Watchguard Страницы: 18

Бренд: Watchguard Страницы: 181

Бренд: ZyXEL Communications Страницы: 64

Бренд: ZyXEL Communications Страницы: 102

Бренд: Watchguard Страницы: 37

Бренд: Cisco Страницы: 1354

Бренд: Cisco Страницы: 1224

FortiGate FortiGate-5001

Бренд: Fortinet Страницы: 2

FortiGate FortiGate-3600A

Бренд: Fortinet Страницы: 2

FortiGate FortiGate-400

Бренд: Fortinet Страницы: 2

FortiGate FortiGate-310B

Бренд: Fortinet Страницы: 2

FortiGate FortiGate-30B

Бренд: Fortinet Страницы: 2

FortiGate ASM-CX4

Бренд: Fortinet Страницы: 1

FortiGate FortiGate-300

Бренд: Fortinet Страницы: 2

FortiGate FortiGate-5001A

Бренд: Fortinet Страницы: 38

FortiGate FortiGate-5005-DIST

Бренд: Fortinet Страницы: 38

Бренд: Fortinet Страницы: 23

FortiGate FortiGate-50

Бренд: Fortinet Страницы: 240

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды