Chapter 26 Logs Screens
Table 177 IKE Logs (continued)
LOG MESSAGE
Rule [%d] phase 1 mismatch
Rule [%d] phase 2 mismatch
Rule [%d] Phase 2 key length
mismatch
Remote Gateway Addr in rule
[%s] is changed to %s"
New My ZyWALL Addr in rule
[%s] is changed to %s
Remote Gateway Addr has
changed, tunnel [%s] will be
deleted
My ZyWALL Addr has changed,
tunnel [%s] will be deleted
Table 178 PKI Logs
LOG MESSAGE
Enrollment successful
Enrollment failed
Failed to resolve
<SCEP CA server url>
Enrollment successful
Enrollment failed
Failed to resolve <CMP
CA server url>
Rcvd ca cert: <subject
name>
Rcvd user cert:
<subject name>
Rcvd CRL <size>:
<issuer name>
Rcvd ARL <size>:
<issuer name>
Failed to decode the
received ca cert
504
DESCRIPTION
The listed rule's IKE phase 1 did not match between the
router and the peer.
The listed rule's IKE phase 2 did not match between the
router and the peer.
The listed rule's IKE phase 2 key lengths (with the AES
encryption algorithm) did not match between the router and
the peer.
The IP address for the domain name of the peer gateway in
the listed rule changed to the listed IP address.
The IP address for the domain name of the ZyWALL in the
listed rule changed to the listed IP address.
The listed tunnel will be deleted because the remote
gateway's IP address changed.
The listed tunnel will be deleted because the ZyWALL's IP
address changed.
DESCRIPTION
The SCEP online certificate enrollment was successful. The
Destination field records the certification authority server IP address
and port.
The SCEP online certificate enrollment failed. The Destination field
records the certification authority server's IP address and port.
The SCEP online certificate enrollment failed because the certification
authority server's address cannot be resolved.
The CMP online certificate enrollment was successful. The Destination
field records the certification authority server's IP address and port.
The CMP online certificate enrollment failed. The Destination field
records the certification authority server's IP address and port.
The CMP online certificate enrollment failed because the certification
authority server's IP address cannot be resolved.
The router received a certification authority certificate, with subject
name as recorded, from the LDAP server whose IP address and port
are recorded in the Source field.
The router received a user certificate, with subject name as recorded,
from the LDAP server whose IP address and port are recorded in the
Source field.
The router received a CRL (Certificate Revocation List), with size and
issuer name as recorded, from the LDAP server whose IP address and
port are recorded in the Source field.
The router received an ARL (Authority Revocation List), with size and
issuer name as recorded, from the LDAP server whose address and
port are recorded in the Source field.
The router received a corrupted certification authority certificate from
the LDAP server whose address and port are recorded in the Source
field.
ZyWALL 2WG User's Guide