2.1.178. tls_disallowed_key_exchange
(ID: 00200458)
2.1.178. tls_disallowed_key_exchange (ID: 00200458)
Default Severity
Log Message
Explanation
Gateway Action
Recommended Action
Revision
Parameters
Context Parameters
2.1.179. tls_invalid_message (ID: 00200459)
Default Severity
Log Message
Explanation
Gateway Action
Recommended Action
Revision
Parameters
Context Parameters
2.1.180. tls_bad_message_order (ID: 00200460)
Default Severity
Log Message
Explanation
Gateway Action
WARNING
TLSALG: Disallowed key exchange.
The TLS ALG session will be closed because there are not enough
resources to process any TLS key exchanges at the moment. This
could be a result of TLS handshake message flooding. This action is
triggered by a system that monitors the amount of resources that is
spent on key exchanges. This system is controlled by the advanced
setting SSL_ProcessingPriority.
close
Investigate the source of this, and try to find out if it is a part of a
possible attack, or normal traffic.
1
algname
ALG Module Name
ALG Session ID
ERROR
TLSALG: Invalid TLS <message_type> message received.
A badly formatted TLS message has been received. The TLS ALG
session will be closed.
close
None.
1
message_type
algname
ALG Module Name
ALG Session ID
ERROR
TLSALG: Bad TLS handshake message order.
A TLS handshake message of a type that is not expected in the current
state of the handshake was received. The TLS ALG session will be
closed.
close
104
Chapter 2. Log Message Reference