ZyXEL Communications ZyXEL ZyWALL 2WE User Manual page 414

ZyWALL 2 and ZyWALL 2WE
A PYLD_MALFORMED packet usually means that the two ends of the VPN tunnel
LOG MESSAGE
Send <Symbol> Mode request to <IP>
Send <Symbol> Mode request to <IP>
Recv <Symbol> Mode request from
<IP>
Recv <Symbol> Mode request from
<IP>
Recv:<Symbol>
Phase 1 IKE SA process done
Start Phase 2: Quick Mode
!! IKE Negotiation is in process
!! Duplicate requests with the same
cookie
!! No proposal chosen
!! Verifying Local ID failed
!! Verifying Remote ID failed
!! Local / remote IPs of incoming
request conflict with rule <#d>
82
are not using the same pre-shared key.
Chart Q-10 Sample IKE Key Exchange Logs
DESCRIPTION
The ZyWALL has started negotiation with the peer.
The ZyWALL has received an IKE negotiation request
from the peer.
IKE uses the ISAKMP protocol (refer to RFC2408 –
ISAKMP) to transmit data. Each ISAKMP packet
contains payloads of different types that show in the
log - see Chart Q-12.
Phase 1 negotiation is finished.
Phase 2 negotiation is beginning using Quick Mode.
The ZyWALL has begun negotiation with the peer for
the connection already, but the IKE key exchange has
not finished yet.
The ZyWALL has received multiple requests from the
same peer but it is still processing the first IKE packet
from that peer.
The parameters configured for Phase 1 or Phase 2
negotiations don't match. Please check all protocols
and settings for these phases. For example, one party
may be using 3DES encryption, but the other party is
using DES encryption, so the connection will fail.
During IKE Phase 2 negotiation, both parties
exchange policy details, including local and remote IP
address ranges. If these ranges differ, then the
connection fails.
If the security gateway is "0.0.0.0", the ZyWALL will
use the peer's "Local Addr" as its "Remote Addr". If
this IP (range) conflicts with a previously configured
rule then the connection is not allowed.
Log Descriptions