ZyXEL Communications ZyWall 10W User Manual page 649

LOG MESSAGE
vulnerability ICMP (type:%d,
code:%d)
traceroute ICMP (type:%d, code:%d)
LOG MESSAGE
Discard REPLAY packet
Inbound packet authentication failed
Receive IPSec packet, but no
corresponding tunnel exists
Rule <%d> idle time out, disconnect
WAN IP changed to <IP>
LOG MESSAGE
Active connection allowed
exceeded
Start Phase 2: Quick Mode
Verifying Remote ID failed:
Log Descriptions
ZyWALL Series Internet Security Gateway
Chart S-11 Attack Logs
The firewall detected an ICMP vulnerability attack, see the
section on ICMP messages for type and code details.
The firewall detected an ICMP traceroute attack, see the
section on ICMP messages for type and code details.
Chart S-12 IPSec Logs
The router received and discarded a packet with an
incorrect sequence number.
The router received a packet that has been altered. A third
party may have altered or tampered with the packet.
The router dropped an inbound packet for which SPI could
not find a corresponding phase 2 SA.
The router dropped a connection that had outbound traffic and no
inbound traffic for a certain time period. You can use the "ipsec
timer chk_conn" CI command to set the time period. The default
value is 2 minutes.
The router dropped all connections with the "MyIP"
configured as "0.0.0.0" when the WAN IP address changed.
Chart S-13 IKE Logs
The IKE process for a new connection failed because the
limit of simultaneous phase 2 SAs has been reached.
Phase 2 Quick Mode has started.
The connection failed during IKE phase 2 because the
router and the peer's Local/Remote Addresses don't match.
DESCRIPTION
DESCRIPTION
DESCRIPTION
S-9