Vpn Responder Ipsec Log; Figure 30-2 Example Vpn Responder Ipsec Log - ZyXEL Communications ZyWall 100 User Manual

ZyWALL 100 Internet Security Gateway

30.2 VPN Responder IPSec Log

The following figure shows a typical log from the VPN connection peer.
Index:
------------------------------------------------------------
001
002
003
004
005
006
007
008
009
010
011
012
Clear IPSec Log (y/n):
This menu is useful for troubleshooting. A log index number, the date and time the log was created and a log
message are displayed.
Double exclamation marks (!!) denote an error or warning message.
The following table shows sample log messages during IKE key exchange.
LOG MESSAGE
Cannot find outbound SA for rule
<#d>
Send Main Mode request to <IP>
Send Aggressive Mode request to
<IP>
Recv Main Mode request from <IP>
Recv Aggressive Mode request from
<IP>
30-2
Date/Time:
01 Jan 08:08:07
01 Jan 08:08:07
01 Jan 08:08:08
01 Jan 08:08:08
01 Jan 08:08:10
01 Jan 08:08:10
01 Jan 08:08:10
01 Jan 08:08:10
01 Jan 08:08:10
01 Jan 08:08:10
01 Jan 08:08:10
01 Jan 08:08:10

Figure 30-2 Example VPN Responder IPSec Log

Table 30-1 Sample IKE Key Exchange Logs
Log:
Recv Main Mode request from <192.168.100.100>
Recv:<SA>
Send:<SA>
Recv:<KE><NONCE>
Send:<KE><NONCE>
Recv:<ID><HASH>
Send:<ID><HASH>
Phase 1 IKE SA process done
Recv:<HASH><SA><NONCE><ID><ID>
Start Phase 2: Quick Mode
Send:<HASH><SA><NONCE><ID><ID>
Recv:<HASH>
The packet matches the rule index number (#d), but
Phase 1 or Phase 2 negotiation for outbound (from the
VPN initiator) traffic is not finished yet.
The ZyWALL has started negotiation with the peer.
The ZyWALL has received an IKE negotiation request
from the peer.
DESCRIPTION
IPSec Log