ScreenOS Message Log Reference Guide Release 6.0.0, Rev. 1 Messages -- Text Only P/N 530-017766-01, Revision 1 Addresses ---------------------------------------- Notification (00001) Address group session. Address group session. Address for domain address in zone session. Address for IP address in zone session. Address for ip address in zone session. Admin ---------------------------------------- Alert (00027) ScreenOS .. Serial# : ScreenOS .. Serial# : System configuration has been erased Critical (00027) Multiple login failures occurred for user Multiple login failures occurred for user from IP address : Warning (00002) ADMIN AUTH: Local instance of an external admin user privilege has been changed from to . Warning (00515) Admin user has been forced to log out of the serial console session. Admin user has been forced to log out of the SSH session on host : Admin user has been forced to log out of the Telnet session on host : Admin user has been forced to log out of the Web session on host : Admin user has logged on via SSH from : Admin user has logged on via Telnet from : Admin user has logged on via the console Admin user has logged out via SSH from : Admin user has logged out via Telnet from : Admin user has logged out via the console Login attempt to system by admin via SSH from : has failed Login attempt to system by admin via Telnet from : has failed Login attempt to system by admin via the console has failed Management session via serial console for admin has timed out Management session via SSH from : for admin has timed out Management session via Telnet from : for admin has timed out Remotely authenticated Admin demoted from ROOT privilege to RW privilege. Remotely authenticated Admin demoted from privilege to privilege. Vsys admin user has logged on via SSH from : Vsys admin user has logged on via Telnet from : Vsys admin user has logged on via the console Vsys admin user has logged out via SSH from : Vsys admin user has logged out via Telnet from : Vsys admin user has logged out via the console Warning (00518) ADM: Local admin authentication failed for login name : invalid login name ADM: Local admin authentication failed for login name : invalid password Admin user has been rejected via the server at . Warning (00519) Admin user has been accepted via the server at . Notification (00002) ADM: Non-primary authentication server to authenticate non-ROOT privileged admins. Modifier: ADM: Non-primary authentication server to authenticate ROOT privileged admins. Modifier: ADM: Remote authentication server set to . Modifier: ADM: Remotely authenticated admins READ-ONLY privilege. Modifer: ADM: Remotely authenticated ROOT privileged admins . Modifer: Maximum failed login attempts before administrative session disconnects has been modified from to by admin Root admin access restriction through console only has been disabled by admin Root admin access restriction through console only has been enabled by admin Root admin password restriction of minimum characters has been disabled by admin Root admin password restriction of minimum characters has been enabled by admin Single use password restriction for read-write administrators has been disabled by admin Single use password restriction for read-write administrators has been enabled by admin Notification (00003) The console debug buffer has been The console page size changed from to The console timeout value changed from to minutes The serial console has been by admin Information (00002) Admin account created for Admin account deleted for Admin account modified for Admin name for account has been modified to Admin password for account has been modified Extraneous exit is issued HTTP port has been changed from to Management restriction for IP has been removed in vsys . (by admin ) Management restriction for IP subnet has been added in vsys ''. (by admin ) Management restriction removed for all IPs in vsys . (by admin ) Management restriction removed for all IPs on device. (by admin ) SSH port has been changed from to System IP has been changed from to Telnet port has been changed from to Web admin authentication idle timeout value has been changed from to minutes ADSL ---------------------------------------- Notification (00557) ADSL Line Activating. ADSL Line Closed. ADSL Line Close Rejected. ADSL Line Down. ADSL Line in an unknown state. ADSL Line Opened (=>Showtime). ADSL Line Open Failed (Errored Message Received from ATU-C). ADSL Line Open Failed (Forced Silence). ADSL Line Open Failed (Incompatible Line Conditions). ADSL Line Open Failed (Protocol Error). ADSL Line Open Failed (Spurious ATU Detected). ADSL Line Open Failed (Unable to Lock with ATU-C). ADSL Line Open Failed (Unknown Error Code). ADSL Line Open Failed (Unselectable Operation Mode). ADSL Line Open Rejected. ADSL Line Signal Lost detected. ADSL Line Suicide Request Received. ADSL Line UP Fast and Interleave Channels. ADSL Line UP Fast Channel, change Utopia address to match it. ADSL Line UP Fast Channel. ADSL Line UP Interleaved Channel, change Utopia address to match it. ADSL Line UP Interleaved Channel. ADSL Line Waiting for Activating. Notification (00616) ADSL/0 Line Down. ADSL/0 Line Training. ADSL/0 Line Up. ADSL/0 SOC Firmware Failed (Load Bootrom Failure). ADSL/0 SOC Firmware Failed (Load image Failure). ADSL/0 SOC Firmware Failed (push configuration failure). ADSL/0 SOC Firmware Reboot(Keepalive timeout). ADSL/0 SOC Firmware Reset. ADSL/0 SOC Firmware Startup Failed (Wait Startup timeout). ADSL/0 SOC Firmware Startup Successful. Anti-spam ---------------------------------------- Warning (00064) Anti-Spam is attached to policy ID . Anti-Spam is detached from policy ID . Warning (00563) Anti-Spam: SPAM FOUND ! . Notification (00064) Anti-Spam action changed. Anti-Spam blacklist is changed. Anti-Spam SBL server configured: . Anti-Spam whitelist is changed. Notification (00563) Anti-Spam: Exceeded maximum concurrent connections (). Anti-Spam key is expired (expiration date: %t2; current date: %t2). Antivirus ---------------------------------------- Critical (00554) SCAN-MGR: AV pattern file size is too large ( bytes). SCAN-MGR: Cannot write AV pattern file to flash. SCAN-MGR: Check AV pattern file failed with error code: . SCAN-MGR: Check AV pattern file failed with error code: . WARNING: Current hardware configuration does not support embedded AV scanning. Please upgrade system memory. Critical (00574) ICAP: Input file size is too large ( bytes). Warning (00066) AV configures an Extension list with extension . AV configures MIME list with MIME . AV creates profile . AV object timeout is reset to default value. AV object timeout is reset to its default value. AV pattern type is changed from to due to increasing pattern file size and limited flash space. AV profile sets ICAP to . AV profile s protocol . AV profile s protocol . AV profile unsets ICAP . AV removes extension list . AV removes MIME list . AV removes profile . AV is attached to policy ID . AV is detached from policy ID Warning (00547) AV: Content from :->:%.64s is dropped because maximum concurrent messages are exceeded. AV: Content from :->:%.64s is dropped because maximum content size is exceeded. AV: Content from :->:%.64s is dropped due to scan-engine error or constraint with code for . AV: Content from :->:%.64s is dropped due to scan-engine error or constraint with code for . AV: Content from :->:%.64s is passed because maximum concurrent messages are exceeded. AV: Content from :->:%.64s is passed because maximum content size is exceeded. AV: Content from :->:%.64s is passed due to scan-engine error or constraint with code for . AV: Content from :->:%.64s is passed due to scan-engine error or constraint with code for . AV: VIOLATION FOUND: :->:%.64s total , id : violation action .(file ) AV: VIRUS FOUND: :->:%.64s file %.64s virus Notification (00066) AV fail mode is set to unexamined traffic if a corrupt file is detected. AV fail mode is set to unexamined traffic if any error occurs. AV fail mode is set to unexamined traffic if a password protected file is detected. AV fail mode is set to unexamined traffic if content size exceeds maximum. AV fail mode is set to unexamined traffic if number of decompress layers exceeds maximum. AV fail mode is set to unexamined traffic if the firewall runs out of resources. AV fail mode is set to unexamined traffic if the operation times out. AV fail mode is set to unexamined traffic if the scan engine is not ready. AV HTTP sets webmail pattern . AV HTTP trickling setting to be trickling byte for every KB if content length is larger than KB, timeout interval is seconds. AV HTTP trickling setting to be trickling byte for every Mb, if content length is larger than MB. AV HTTP turns off HTTP trickling. AV HTTP turns HTTP connection header close modification. AV HTTP turns HTTP webmail scanning. AV HTTP unsets webmail pattern . AV maximum content size is set to KB. AV maximum number of concurrent messages is set to . AV object is enabled with timeout . AV object is enabled with timeout . AV per client allowed resource is set to percent. AV queue size is set to . Notification (00081) ICAP server-group is added. ICAP server-group is removed. ICAP server has maximum connections set to . ICAP server is added to server-group . ICAP server is disabled. ICAP server is enabled. ICAP server is removed. ICAP server is removed from server-group . ICAP server is set with host address and port . ICAP server probe interval is set to . ICAP server probe URL is set to . Notification (00547) ICAP: Server status changed from to . Notification (00554) SCAN-MGR: Attempted to load AV pattern file created on %t2 after the AV license expired on %t2. SCAN-MGR: AV scan engine is ready. SCAN-MGR: Cannot retrieve AV pattern file due to (). HTTP status code: . SCAN-MGR: New AV pattern file has been updated. Version: ; size: bytes. SCAN-MGR: SCAN-MGR: The URL for AV pattern update server is set to and the update interval is set to minutes. SCAN-MGR: The URL for AV pattern update server is unset and the update interval returned to its default. ARP ---------------------------------------- Critical (00031) detected an IP conflict (IP , MAC %m) on interface Critical (00079) detected a duplicate VSD group master (IP , MAC %m) on interface Notification (00031) ARP detected IP conflict: IP address changed from interface to interface Notification (00051) Static ARP entry added to interface with IP and MAC %m Notification (00052) Static ARP entry deleted from interface with IP address and MAC address %m Notification (00053) ARP always on destination enabled Notification (00054) ARP always on destination disabled Notification (00082) IRDP cli: Attack Database ---------------------------------------- Critical (00767) WARNING: Current hardware configuration cannot support Deep Inspection. Please upgrade system memory. Notification (00767) Attack database version is rejected because the authentication check failed. Attack database version is saved to flash. Attack group is added to . Attack group is changed to . Attack group is created . Attack group is deleted . Attack group is removed from . Attack is added to attack group . Attack is changed to . Attack is created . Attack is deleted . Attack is removed from . Cannot download attack database from (error ). Cannot parse attack database. Cannot parse attack database header info. Cannot save attack database version . Cannot switch to attack database version . Deep Inspection update key is expired. Attacks ---------------------------------------- Critical (00024) has overflowed. Notification (00002) Bypass non-IP traffic option is . Bypass-others-IPSec option is . Logging of dropped traffic to self (excluding multicast) has been . Logging of dropped traffic to self has been . Logging of ICMP traffic to self has been . Logging of IKE traffic to self has been . Logging of SNMP traffic to self has been . Malicious URL is for . Screening of all attacks is on . is set to for . is on . Information (00534) is cleared. Auth ---------------------------------------- Critical (00015) Administrator's password complexity is set to scheme '' by admin ''. Administrator's password minimum length is set to '' by admin ''. Auth user's password complexity is set to scheme '' by admin ''. Minimum length of Auth user's password is set to '' by admin ''. Critical (00518) Admin user '' authorization failure: Password does not comply with password policy. Auth user authorization failure: Password does not comply with password policy. Warning (00518) Authentication for user at was denied (long password). Authentication for user at was denied (long password). Authentication for user at was denied (long username). Authentication for user at was denied (long username). Error in authentication for WebAuth user at Local authentication for user at was denied. Local authentication for WebAuth user at was denied User at is challenged by the server at . (Rejected because challenge is not supported for FTP). User at is challenged by the server at . (Rejected because challenge is not supported for Web). User at is rejected by the server at . User at is rejected by the server at . User at is rejected through the server at . User at authentication attempt has timed out. User at authentication attempt has timed out. User at authentication attempt has timed out. WebAuth user at is rejected/timed out by the server at . Warning (00519) Local authentication for user at was successful. Local authentication for WebAuth user at was successful User at is accepted by the server at . User at is accepted by the server at . User at is accepted via the server at . WebAuth user at is accepted by the server at . Warning (00520) Backup1 , backup2 , and primary servers failed. Backup2 , primary , and backup1 servers failed. Primary , backup1 , and backup2 servers failed. Trying backup1 server . Trying backup2 server . Trying primary server . Notification (00015) Admin user attempted to verify the encrypted password . Verification failed. Admin user attempted to verify the encrypted password . Verification was successful. Auth server account type is set to . Auth server authentication timeout is set to . Auth server backup1 name is unset. Auth server backup1 server name is set to . Auth server backup2 name is unset. Auth server backup2 server name is set to . Auth server fail-over revert interval is set to seconds. Auth server id is set to . Auth server is created. Auth server is deleted. Auth server is modified. Auth server LDAP cn is set to . Auth server LDAP dn is set to . Auth server LDAP parameters are set to server name: , port: , dn: , cn: . Auth server LDAP port number is set to . Auth server RADIUS port is set to . Auth server RADIUS port is unset to default . Auth server RADIUS retry timeout is set to default of . Auth server RADIUS secret is changed. Auth server RADIUS secret is disabled. Auth server SecurID auth port is set to . Auth server SecurID backup1 server name is set to . Auth server SecurID client retries is set to . Auth server SecurID server name is set to . Auth server SecurID timeout is set to . Auth server SecurID use duress is disabled. Auth server SecurID use duress is enabled. Auth server SecurID uses DES encryption. Auth server SecurID uses SDI encryption. Auth server server name is disabled. Auth server server name is set to . Auth server timeout is unset to default . Auth server type is set to LDAP. Auth server type is set to RADIUS. Auth server type is set to SecurID. Auth server type is unset to default RADIUS. Auth server username character separator is set to <>separator_char>; number of occurrences of character separator is . Certificate Authority index for Infranet Controller changed. Certificate subject for Infranet Controller changed from to . Contact interval for Infranet settings changed from to seconds. Default firewall authentication server is changed to . Forced timeout for Auth server authentication is set to minutes. Forced timeout for Auth server is unset to its default value, minutes. Host name for Infranet Controller changed from to . Infranet Controller is created. Infranet Controller is deleted. Infranet Enforcer could not connect to Infranet Controller (ip ). Infranet Enforcer could not connect to the Infranet Controller because a socket could not be created. Infranet Enforcer could not connect to the Infranet Controller because a socket is already connected. Infranet Enforcer could not connect to the Infranet Controller because no certificate is set for the Controller. Infranet Enforcer could not connect to the Infranet Controller because no IP address is set for the Controller. Infranet Enforcer could not connect to the Infranet Controller because no password is set for the Controller. Infranet Enforcer could not connect to the Infranet Controller because the Controller could not be reached on the network. Infranet Enforcer could not connect to the Infranet Controller because the interface could not be bound to the socket. Infranet Enforcer could not connect to the Infranet Controller because the socket could not be bound. Infranet Enforcer could not connect to the Infranet Controller because the socket could not be bound to SSL protocol. Infranet Enforcer did not receive a keepalive from the Infranet Controller() in the past seconds. Cleaning up internal state. Infranet Enforcer is connected to Infranet Controller (ip ). IP address for Infranet Controller changed from to . Number of RADIUS retries for auth server is set to . Password for Infranet Controller changed. Port number for Infranet Controller changed from to . Source interface for Infranet Controller changed from to . Timeout action for Infranet settings changed from to . Timeout for Infranet Controller changed from to seconds. WebAuth is set to . Notification (00525) The new PIN for user at is by SecurID . User at has selected a system-generated PIN for authentication with SecurID . User at must enter New PIN for SecurID . User at must enter Next Code for SecurID . User at must make a New PIN choice for SecurID . Notification (00543) Access for firewall user at (accepted at 2 for duration ) by policy id is now over. Access for firewall user at (accepted at 2 for duration ) by policy id is now over due to forced timeout. Access for firewall user at (accepted at 2 for duration through the auth server) by policy id is now over. Access for firewall user at (accepted at 2 for duration via the auth server) by policy id is now over due to forced timeout. Access for WebAuth firewall user at (accepted at 2 for duration ) is now over. Access for WebAuth firewall user at (accepted at 2 for duration ) is now over due to forced timeout. Access for WebAuth firewall user at (accepted at 2 for duration through the auth server) is now over. Access for WebAuth firewall user at (accepted at 2 for duration through the auth server) is now over due to forced timeout. Notification (00546) User at is challenged by the server at . Notification (00767) Cannot get route to SecurID server . FIPS: Attempt to set RADIUS shared secret with invalid length . The device cannot contact the SecurID server. The device cannot send data to the SecurID server. The dictionary file version on the RADIUS server does not match the version supported on the firewall. User belongs to a different group in the RADIUS server than that allowed in the device. BGP ---------------------------------------- Critical (00206) The total number of redistributed routes into BGP in vrouter () exceeded system limit () Notification (00039) virtual router with the BGP protocol virtual router with the configuration command Information (00542) BGP instance created for virtual router BGP instance deleted for virtual router BGP of vr: , closing the socket: exceeded maximum number of bgp peers allowed () BGP of vr: , failed to add prefix / to FDB BGP of vr: , prefix adding: /, ribin overflow times (max rib-in ) BGP of vr: , Route / ignored, Path Attr len: (greater than max. ) BGP peer changed to Established state BGP peer changed to Idle state BGP peer created. BGP peer disabled. BGP peer enabled. BGP peer removed. BGP received route-refresh request from peer for afi/safi: / BGP sent route-refresh request to peer for afi/safi: / invalid error code from notification message Cisco-HDLC ---------------------------------------- Alert (00087) Cisco-HDLC detected loop times on interface . Notification (00076) CISCO-HDLC keepalive down count value was changed from to on interface . CISCO-HDLC keepalive interval was changed from to on interface . CISCO-HDLC keepalive is on interface . CISCO-HDLC keepalive up count value was changed from to on interface . Set interface encap as cisco-hdlc. Unset interface encap from cisco-hdlc. Notification (00571) CISCO-HDLC is on interface . Device ---------------------------------------- Alert (00767) Critical (00020) The system memory is low ( bytes allocated out of total bytes). Critical (00022) All fans are now functioning properly. At least one fan is not functioning properly. The battery is not functioning properly. The battery is now functioning properly. The power supply is functioning properly. The power supply is not functioning properly. The system temperature: ( Centigrade, Fahrenheit) is severely high! The system temperature ( Centigrade, Fahrenheit) is OK now. The system temperature ( Centigrade, Fahrenheit) is too high! Critical (00034) Ethernet driver ran out of rx bd (port ). Critical (00092) WAN card is not functioning properly and will be restarted. Critical (00612) Switch error: get register (dev , reg ) fail. Switch error: set register (dev , reg , value 0x) fail. Critical (00701) Security Board System Hanged Critical (00702) Security Board CPU Packet Drop Counter Critical (00751) Switch error: . Critical (00767) Error (00009) / vid HW vtable leak, total entries. Notification (00002) LCD control keys have been locked. LCD display has been turned off and the LCD control keys have been locked. LCD display has been turned on. LCD display has been turned on and the LCD control keys have been unlocked. Notification (00023) System configuration has been erased. Notification (00545) Failed to initialize modem , Modem failed to dial , Modem has been disconnected. Modem is connected. Phone number: , Account name: , Status Notification (00612) bgroup event: . bgroup setting: bind port to interface . bgroup setting: unbind port from interface . Switch event: change interface from mii to mii . Switch event: the status of ethernet interface change to link , duplex , speed . Switch event: the status of ethernet port changed to link , duplex , speed . Switch init: . switch install: install port to interface . Switch setting: . Switch setting: set interface . Switch setting: set interface . Notification (00767) DHCP ---------------------------------------- Alert (00029) IP pool of DHCP server on interface is full. Unable to IP address to client at %m. Critical (00029) DHCP server set to OFF on (another server found on ). Warning (00527) IP pool of DHCP server on interface is more than 90%% allocated. Notification (00009) DHCP client is on interface . Notification (00024) DHCP client admin preference is set on as . DHCP client admin preference is unset on from . DHCP relay agent settings on are . DHCP server IP address pool is changed. DHCP server is . DHCP server options are . DHCP server shared IP is . Notification (00027) DHCP client auto-config is . DHCP client lease time is set to default value. DHCP client lease time is set to minutes. DHCP client server IP address is reset. DHCP client server IP address is set to . DHCP client server-update is . DHCP client vendor identifier is reset. DHCP client vendor identifier is set to . Information (00527) DHCP server has assigned or released an IP address. DHCP server on interface received DHCPDISCOVER from %m requesting out-of-scope IP address /. DHCP server released an IP address. IP address is assigned to %m. IP address is released from %m. MAC address %m has declined address . One or more IP addresses are expired. Information (00530) An IP address conflict is detected and the DHCP client declined address . DHCP client IP address for interface has been manually released. DHCP client is unable to get IP address for interface . DHCP client lease for has expired. DHCP client on interface was offered IP / and did not proceed with DHCPREQUEST. Reason -- DHCP server assigned interface with IP address (lease time minutes). Information (00767) System auto-config of file from TFTP server has failed. System auto-config of file from TFTP server is loaded successfully. DHCP6 ---------------------------------------- Notification (00024) DHCP6 client is on interface . DHCP6 server configured on is . DHCP6 server options at are . DHCP server IP address pool has changed. Information (00527) DHCP6: Client received from , xid %x. DHCP6: Client send from to , xid %x len . DHCP6: Client start at . DHCP6: Server received from , xid %x. DHCP6: Server send from to , xid %x len . DHCP6: Server send from to , xid %x len . DHCP6 client error, received bits prefix with bits in sla id. DIP, VIP, MIP, and Zones ---------------------------------------- Critical (00023) VIP server cannot be contacted. Critical (00102) Utilization of DIP pool in vsys hits raise threshold %%. Critical (00103) Utilization of DIP pool in vsys hits clear threshold %%. Notification (00010) Mapped IP - Notification (00016) VIP (: ) VIP multi-port was disabled VIP multi-port was enabled Notification (00021) DIP group was created DIP group was removed DIP IP pool was removed from DIP group DIP IP pool - DIP pool was added into DIP group DIP port-translation stickiness was Notification (00037) Asymmetric vpn was on zone . Intra-zone block for zone was set to IP/TCP reassembly for ALG was on zone . New zone (ID ) was created. Tunnel zone was bound to out zone Zone (ID ) was deleted. Zone was bound to virtual router Zone was changed to non-shared. Zone was changed to shared. Zone was unbound from virtual router Notification (00533) VIP server is now alive. VIP server is now in manual mode. DNS ---------------------------------------- Critical (00021) Connection refused by the DNS server. DNS server is not configured. Unknown DNS error. Notification (00004) Daily DNS lookup has been disabled. Daily DNS lookup time has been changed to start at : with an interval of hours. DNS cache table has been cleared. DNS Proxy module has been disabled. DNS Proxy module has been enabled. DNS Proxy module has more concurrent client requests than allowed. DNS Proxy server select table added with domain , interf , ip . DNS Proxy server select table deleted with domain . DNS Proxy server select table enties exceeded max limit. The { primary | secondary | ternary } DNS server IP address has been changed. The { primary | secondary | ternary } DNS server IP address has been changed. The { primary | secondary | ternary } DNS server IP address has been changed. Notification (00029) DNS has been refreshed. Notification (00059) Agent of DDNS entry with id is reset to its default value. DDNS entry with id is configured with interface host-name . DDNS entry with id is configured with server type name refresh-interval hours mininum update interval minutes with secure connection. DDNS entry with id is configured with user name agent . DDNS entry with id is deleted. DDNS module is disabled. DDNS module is enabled. DDNS module is initialized. DDNS module is shut down. DDNS server returned incorrect ip , local-ip should be . Error response received for DDNS entry update for id user domain , server type name . Hostname of DDNS entry with id is cleared. Minimum update interval of DDNS entry with id is set to default value (60 min). No-Change response received for DDNS entry update for id user domain server type , server name . Refresh interval of DDNS entry with id is set to default value (168 hours). Source interface of DDNS entry with id is cleared. Success response received for DDNS entry update for id user domain server type name . Updates for DDNS entry with id are set to be sent in secure (https) mode. Username and password of DDNS entry with id are cleared. Notification (0059) Server of DDNS entry with id is cleared. Information (00004) DNS entries have been automatically refreshed. DNS entries have been manually refreshed. DNS entries have been refreshed as result of DNS server address change. DNS entries have been refreshed as result of external event. DNS entries have been refreshed by HA. Entitlement and System ---------------------------------------- Emergency (00093) Alert (00027) License key expired after 30-day grace period. License key has expired. License key is due to expire in 2 months. License key is due to expire in 2 weeks. License key is due to expire in a month. Request to register the device failed to reach the server by . Server url: . Request to retrieve license key failed to reach the server by . Server url: Critical (00027) New config includes invalid settings. System rolled back to LKG config. Critical (00051) Session utilization has dropped below , which is %% of the system capacity! Session utilization has reached , which is %% of the system capacity! Critical (00080) Cannot create a DI pool with a size of bytes. Critical (00081) Cannot allocate bytes of memory. Critical (00850) Session limit alarm has been cleared for vsys (current , dropped packets ) Session limit alarm has been set for vsys (current , alarm threshold ). Error (00767) can only do set alg _all as unset alg _all command has issued. Notification (00002) Session threshold has been changed to percentage Notification (00006) Domain set to . Hostname set to . Notification (00008) System clock configurations have been changed System clock was changed manually from . System up time shifted by seconds. Notification (00036) An optional ScreenOS feature has been activated via a software key. No license key is available for retrieval by . Received identical license key by . Register device succeeded and warranty key is installed. Retrieve firmware list failed. Retrieve firmware list succeeded: firmware. Retrieve firmware list succeeded: firmware. license keys were updated successfully by . Notification (00526) The user limit has been exceeded and cannot be added. Notification (00575) Notification (00767) Administrator issued command to redirect output. Invalid configuration size (). Session (id , ) cleared: System is operational. System was reset at Trial keys are available to download to enable advanced features. To find out, please visit http://www.juniper.net/products/subscription/trial/. Unsupported command Information (00767) All system configurations saved to by . Daylight Saving Time ended. Daylight Saving Time has started. Environment variable changed to . Environment variable set to . Environment variable unset. Load file from usb to flash by administrator . Lock configuration aborted because minute(s) timeout was exceeded. Lock configuration aborted explicitly by task . Lock configuration ended by task . Lock configuration started by task , with a timeout value of minute(s). New GMT zone ahead or behind by seconds. Save configuration to IP address under filename by administrator . Save new software from under filename to flash memory . Save new software from slot filename to flash memory . Save new software from usb filename to flash memory by administrator . Script Get-command has started. Script Get-command has stopped. Send file from flash to usb by administrator . Send new software from flash memory to slot filename by administrator . Send new software from flash memory to usb filename by administrator . Send new software from IP address under filename to slot by administrator . Send new software from IP address under filename to usb by administrator . Send new software to IP address under filename by administrator . System configuration saved by . The system configuration was loaded from flash memory to by administrator . The system configuration was loaded from flash memory to slot by administrator . The system configuration was loaded from IP address under filename by administrator . The system configuration was loaded from under the filename to slot by administrator . The system configuration was loaded from under the filename to usb by administrator . The system configuration was loaded from slot . The system configuration was loaded from usb by administrator . The system configuration was not saved by administrator . It was locked by administrator . Timer FIPs ---------------------------------------- Notification (00030) FIPS error error code . Flow ---------------------------------------- Alert (00800) Shared to fair transition forced. Alert (00801) Shared to fair transition: utilization >= threshold . Critical (00802) Fair to shared transition forced. Critical (00803) Fair to shared transition: time limit exceeded. Critical (00804) Fair to shared transition: utilization < threshold . Notification (00002) (/) set vlan port group zone . (/) vlan group name . (/) vlan group . (/) vlan import . (/) unset vlan port group . Transparent virutal wire mode has been . Notification (00040) Aggressive age-out value has been changed from to . High watermark for early aging has been changed from to . High watermark for early aging has been changed to the default (). Low watermark for early aging has been changed from to . Low watermark for early aging has been changed to the default (). The aggressive age-out value has been changed to the default (). Notification (00079) CPU limit . Desired fair mode changed from to . Fair to shared hold-down time changed from to . Fair to shared threshold changed from to . Fair to shared time changed from to . Shared to fair hold-down time changed from to . Shared to fair threshold changed from to . Notification (00085) Flow reverse-route changed from to . Notification (00573) Running in Infranet Test mode: Allow packet. In Regular mode, would drop packet on Infranet authentication policy because Infranet auth table denied it. Source IP , Destination IP , Policy ID . Running in Infranet Test mode: Allow packet. In Regular mode, would drop packet on Infranet authentication policy because Infranet Controller timeout occurred and time-out action was 'close'. Source IP , Destination IP , Policy ID . Running in Infranet Test mode: Allow packet. In Regular mode, would drop packet on Infranet authentication policy because there is no Infranet auth table entry. Source IP , Destination IP , Policy ID . Running in Infranet Test mode: Allow packet on Infranet authentication policy. Infranet Controller timeout occurred, time-out action was 'open'. Source IP , Destination IP , Policy ID . Running in Infranet Test mode: Infranet authentication succeeded, let the packet through. Source IP , Destination IP , Policy ID . Notification (00601) IP action detected attack attempt . Frame Relay ---------------------------------------- Alert (00085) [mlfr/lip]: detected loop times. [mlfr/lip]: the bid in the ADD_LINK packet from link is inconsistent with the received bid on the bundle . Notification (00074) [fr/cfg]: : [fr/cfg]: : [fr/cfg]: LMI: set to . [fr/cfg]: LMI: set to . Notification (00075) [mlfr/cfg]: add link to bundle . [mlfr/cfg]: delete link from bundle . [mlfr/cfg]: set interface encap as mlfr-uni-nni. [mlfr/cfg]: set lip acknowledge-retries as for bundle link . [mlfr/cfg]: set lip acknowledge-timer as (s) for bundle link . [mlfr/cfg]: set lip fragment-threshold as for bundle link . [mlfr/cfg]: set lip hello-timer as (s) for bundle link . [mlfr/cfg]: set MLFR bundle-id as for multilink interface . [mlfr/cfg]: set MLFR drop-timeout as for multilink interface . [mlfr/cfg]: set MLFR minimum-links as for multilink interface . [mlfr/cfg]: unset bundle link lip fragment-threshold to . [mlfr/cfg]: unset interface encap from mlfr-uni-nni. [mlfr/cfg]: unset lip acknowledge-retries to default for bundle link . [mlfr/cfg]: unset lip acknowledge-timer to default (s) for bundle link . [mlfr/cfg]: unset lip hello-timer to default (s) for bundle link . [mlfr/cfg]: unset MLFR bundle-id as the name of multilink interface . [mlfr/cfg]: unset MLFR drop-timeout to 0 (disable) for multilink interface . [mlfr/cfg]: unset MLFR minimum-links to default (1) for multilink interface . Notification (00086) [fr/lmi]: : LMI link is down due to errors over threshhold (n392). Notification (00569) [fr/lmi]: dlci() status changed to . [fr/lmi]: LMI status changed to . Notification (00570) [mlfr/lip]: change bundle physical status to down. [mlfr/lip]: changed bundle physical status to up. [mlfr/lip]: link interface LIP is down at bundle . [mlfr/lip]: link interface LIP is up at bundle . [mlfr/lip]: LIP FSM: ( -> ) by event (). GTP ---------------------------------------- Notification (00065) GTP ; GTP sets ; GTP ; Notification (00567) GTP GTP ; Notification (00568) Trace : H.323 ---------------------------------------- Alert (00089) The number of RAS request messages sent to the GK, , exceeds the threshold, . Notification (00619) Concurrent H.323 calls exceeding maximum limit: . Failed to allocate memory for H.323 call context objects. Call dropped Failed to get NAT cookie. Too many concurrent H.323 calls: . Call dropped. HDLC ---------------------------------------- Notification (00539) Dialup HDLC PPP failed to establish a session: . Dialup HDLC PPP failed to establish a session. No IP address assigned. Dialup HDLC PPP session has been successfully established. High Availability ---------------------------------------- Critical (00015) NSRP: . NSRP: . Peer device disappeared. Peer device was discovered. Peer device in the Virtual Security Device group changed state from to . RTO mirror group with direction on local device , detected a duplicate direction on the peer device . The NSRP configuration is out of synchronization between the local device and the peer device. Critical (00060) RTO mirror group with direction changed on the local device from to state, it had peer device . Critical (00061) RTO mirror group with direction on peer device changed from to state, . Critical (00062) Device cannot create Track IP list. Device cannot create Track IP object list. No interface/route enables the Track IP IP address to be transmitted. Track IP failure reached threshold. Track IP IP address failed. Track IP IP address succeeded. Critical (00070) The local device in the Virtual Security Device group changed state from to , . The local device in the Virtual Security Device group changed state from to . Critical (00071) The local device in the Virtual Security Device group () changed state from to , . Critical (00072) The local device in the Virtual Security Device group () changed state from to , . Critical (00073) The local device in the Virtual Security Device group () changed state from to , . Critical (00074) The local device in the Virtual Security Device group changed state from to , . Critical (00075) The local device in the Virtual Security Device group changed state from to . Critical (00076) The local device in the Virtual Security Device group sent a 2nd path request to the peer device . Critical (00077) The local device in the Virtual Security Device group received a 2nd path request from peer device to device . Notification (00007) A request by device for session synchronization(s) was accepted. Device has joined NSRP cluster . Device quit current NSRP cluster . Interface was removed from the monitoring list for . Interface with weight was added to or updated on the monitoring list for . Message was dropped because it contained an invalid encryption password. NSRP: . NSRP black hole prevention disabled. Master(s) of Virtual Security Device groups might not exist. NSRP black hole prevention enabled. Master(s) of Virtual Security Device groups always exists. NSRP cluster authentication password changed. NSRP cluster encryption password changed. NSRP data forwarding was disabled. NSRP data forwarding was enabled. NSRP Run Time Object synchronization between devices was disabled. NSRP Run Time Object synchronization between devices was enabled. NSRP transparent Active-Active mode was disabled. NSRP transparent Active-Active mode was enabled. RTO mirror group was unset. Run Time Object mirror group direction was set to . Run Time Object mirror group was set. Run Time Object mirror group with direction was unset. The current session synchronization by device completed. The HA channel changed to interface . The heartbeat interval of all Virtual Security Device groups changed from (milliseconds) to (milliseconds). The interface with ifnum was removed from the secondary HA path of the devices. The interval of the probe detecting the status of High Availability link was set to seconds. The monitoring threshold was modified to for . The NSRP encryption key was changed. The probe that detects the status of High Availability link was disabled. The secondary HA path of the devices changed from to . The secondary HA path of the devices was set to interface , with ifnum . The threshold of the probe detecting the status of High Availability link was set to . Virtual Security Device group changed to non-preempt mode. Virtual Security Device group changed to preempt mode. Virtual Security Device group priority changed from to . Virtual Security Device group was created. The total number of members in the group is . Virtual Security Device group was deleted. The total number of members in the group was . Zone was removed from the monitoring list for . Zone with weight was added to or updated on the monitoring list for . Notification (00050) Track default gateway disabled. Track IP default gateway enabled. Track IP default gateway updated. Track IP gateway was changed from gateway IP address to . Track IP gateway was changed from gateway IP address to the interface default gateway. Track IP gateway was changed from the interface default gateway to gateway IP address . Track IP interface changed from to . Track IP interval changed from to . Track IP method changed from method name to Track IP IP address added with an interval of seconds, a threshold of , a weight of on interface using method . Track IP IP address removed. Track IP threshold value changed from to . Track IP weight changed from to . Track IP object weight value set to . Track IP object weight value set to default. Track IP Track IP threshold set to . Track IP threshold set to default. Notification (00084) RTSYNC: NSRP route synchronization is disabled. RTSYNC: NSRP route synchronization is enabled. Notification (00620) RTSYNC: Event posted to purge backup routes in all vrouters. RTSYNC: Event posted to send all the DRP routes to backup device. RTSYNC: Recieved coldstart request for route synchronization from NSRP peer. RTSYNC: Serviced coldstart request for route synchronization from NSRP peer. RTSYNC: Started timer to purge all the DRP backup routes - seconds. RTSYNC: Timer to purge the DRP backup routes is stopped. Information (00767) HA: Synchronization file(s) sent to backup device in cluster. IGMP ---------------------------------------- Notification (00055) IGMP all groups static flag was removed on interface . IGMP function was disabled on interface . IGMP function was enabled on interface . IGMP group static flag was added on interface . IGMP group static flag was removed on interface . IGMP groups accept list ID was changed to on interface . IGMP host instance was created on interface . IGMP host instance was deleted on interface . IGMP hosts accept list ID was changed to on interface . IGMP last member query interval was changed to seconds on interface . IGMP leave interval was changed to seconds on interface . IGMP proxy always is disabled on interface . IGMP proxy always is enabled on interface . IGMP proxy was disabled on interface . IGMP proxy was enabled on interface . IGMP query interval was changed to seconds on interface . IGMP query max response time was changed to seconds on interface . IGMP router instance was created on interface . IGMP router instance was deleted on interface . IGMP routers accept list ID was changed to on interface . IGMP static group was added on interface . IGMP version was changed to V on interface . IGMP will do router alert IP option check on interface . IGMP will do same subnet check on interface . IGMP will not do router alert IP option check on interface . IGMP will not do same subnet check on interface . IKE ---------------------------------------- Alert (00026) IKE : Policy Manager's default CA is used by peer to establish an IPSec VPN. IPSec tunnel on interface with tunnel ID 0x received a packet with a bad SPI. ->/, , SPI 0x%x, SEQ 0x%x. Alert (00048) Number of IAS crossed configured upper threshold . Alert (00049) Number of IAS crossed configured lower threshold . Critical (00042) Replay packet detected on IPSec tunnel on with tunnel ID 0x! From to /, , SPI 0x, SEQ 0x. Critical (00111) Attack alarm: IKE ID enumeration attack on interface from src_ip . Critical (00114) ACVPN: Error in received profile from hub in vr : . Error (00047) The number of IAS exceeds the configured maximum . Error (00050) IAS for peer has IKE error: . Error (00110) IAS for peer has IKE error: . Error (00536) IAS for peer and XAUTH user activated. IAS for peer and XAUTH user terminated by . Notification (00017) Gateway at in mode with ID . P1 proposal with , DH group , ESP , auth , and lifetime . P2 proposal with DH group , , enc , auth , and lifetime ( sec/ KB) . Information (00536) An initial Phase 1 packet arrived from an unrecognized peer gateway An unencrypted packet unexpectedly arrived An unexpected encrypted packet arrived A Phase 2 packet arrived while XAuth was still pending A required payload was missing IAS for peer and XAUTH user activated. IAS for peer and XAUTH user terminated by . IKE: Removed Phase 2 SAs after receiving a notification message. IKE: User with ID requested a connection. IKE: XAuth assign dns1 dns2 wins1 wins2 . IKE: XAuth assign DNS . IKE: XAuth assign prefix / to interface . IKE: XAuth assign prefix / to interface failed. IKE: XAuth IP pool not configured. IKE: XAuth no more IP addresses in IP pool . IKE<> Phase 1: IKE initiator has detected NAT in front of the local device. IKE<> Phase 1: IKE initiator has detected NAT in front of the remote device. IKE<> Phase 1: IKE responder has detected NAT in front of the local device. IKE<> Phase 1: IKE responder has detected NAT in front of the remote device. IKE DPD configuration changed, IKE DPD found peer at not responding. IKE gateway has been disabled. The peer address cannot be resolved to an IP address. IKE gateway has been disabled because the peer IP address is already in use by another IKE gateway on interface . IKE gateway has been enabled. The peer address has been resolved to . IKE : Added Phase 2 session tasks to the task list. IKE : Added the initial contact task to the task list. IKE : An SA (ID ) with a higher weight replaced the SA (ID ) in policy ID . IKE : Changed heartbeat interval to . IKE : Dropped a packet from the peer because no policy permits it. IKE : Heartbeats have been disabled because the peer is not sending them. IKE : Heartbeats have been lost times. IKE : Missing heartbeats have exceeded the threshold. All Phase 1 and 2 SAs have been removed. IKE : New SA (ID ) is up. Switch policy ID from SA . IKE : Phase 1 SA (my cookie:x) was removed due to a simultaneous rekey. IKE : Phase 2 msg ID x: Received responder lifetime notification. ( sec/ KB) IKE : Phase 2 negotiation request is already in the task list. IKE : Received a notification message for DOI . IKE : Received a TRNXTN_XCHG payload with type . IKE : Received initial contact notification and removed Phase 1 SAs. IKE : Received initial contact notification and removed Phase 2 SAs. IKE : Sent an initial contact notification message because of a bad SPI. IKE : Sent initial contact notification to peer to use a new SA. IKE : The initial contact task is already in the task list. IKE : User has exceeded the configured share-limit of . IKE : XAuth login expired and was terminated for username at %P/%P>. IKE : XAuth login failed for gateway , username , retry: , timeout: . IKE : XAuth login was aborted for gateway , username , retry: . IKE : XAuth login was passed for gateway , username , retry: , Client IP Addr , IPPool name: , Session-Timeout: s, Idle-Timeout: s. IKE : XAuth login was refreshed for username at %P/%P. IKE: XAuth login was terminated because the user logged in again. Previous gateway: . Username: at /. IKE Phase 1: Aborted negotiations because the time limit has elapsed. (x/) IKE Phase 1: Aggressive mode negotiations have failed. IKE Phase 1: Cannot use a preshared key because the peer gateway has a dynamic IP address and negotiations are in Main mode. IKE Phase 1: Cannot verify DSA signature. IKE Phase 1: Cannot verify RSA signature. IKE Phase 1: Cert received has a different FQDN SubAltName than expected. IKE Phase 1: Cert received has a different IP address SubAltName than expected. IKE Phase 1: Cert received has a different UFQDN SubAltName than expected. IKE Phase 1: Cert received has a subject name that does not match the ID payload. IKE Phase 1: Completed Aggressive mode negotiations with a -second lifetime. IKE Phase 1: Completed for user . IKE Phase 1: Completed Main mode negotiations with a -second lifetime. IKE Phase 1: Discarded a second initial packet, which arrived within 5 seconds after the first. IKE Phase 1: Discarded peer's P1 request because there are currently sessions--max is . IKE Phase 1: Main mode negotiations have failed. IKE Phase 1: Negotiations have failed for user . IKE Phase 1: No private key exists to sign packets. IKE Phase 1: Received an incorrect public key authentication method. IKE Phase 1: Responder starts mode negotiations. IKE Phase 1: Retransmission limit has been reached. IKE Phase 2: Aborted negotiations because the time limit has elapsed. (x/, session ID %8x) IKE Phase 2: Initiated negotiations. IKE Phase 2: Negotiations have failed. Policy-checking has been disabled but multiple VPN policies to the peer exist. IKE Phase 2: No policy exists for the proxy ID received: local ID (/, , ) remote ID (/%P, , ). IKE Phase 2: Received a message but did not check a policy because id-mode was set to IP or policy-checking was disabled. IKE Phase 2: Received DH group instead of expected group for PFS. IKE Phase 2 msg-id x: Completed for user . IKE Phase 2 msg ID x: Completed negotiations with SPI x, tunnel ID , and lifetime seconds/ KB. IKE Phase 2 msg ID %8x: Negotiations have failed. IKE Phase 2 msg ID x: Negotiations have failed for user . IKE Phase 2 msg ID %8x: Responded to the peer's first message. IKE Phase 2 msg ID x: Responded to the peer's first message from user . IKE Phase 1: Initiated negotiations in mode. No VPN tunnel references the gateway Phase-1: no user configuration was found for the received IKE ID type: Phase 1 negotiations failed. (The preshared keys might not match.) Received an IKE packet on from : to :/. Cookies: , . Rejected an IKE packet on from : to : with cookies and because . ScreenOS does not support the ID payload type: The exchange modes (main or aggressive) do not match The format used did not match the exchange mode indicated: The IKE INFO exchange mode hash payload was invalid The IKE packet length was inconsistent The IKE packet unexpectedly had a floated port number The IKE packet unexpectedly had a port number that was not floated. The IKE QM exchange mode hash payload was invalid The IKE Transaction exchange mode hash payload was invalid The notify message was in clear text: The peer did not send a proxy ID The peer sent a duplicate message The peer sent a malformed payload: The peer sent a nonexistent cookie pair: The peer sent a packet with a message ID before Phase 1 authentication was done The peer sent a proxy ID that did not match the one in the SA config The peer sent the incorrect IKE ID payload: The peer sent the incorrect IKE ID payload type: The peer used an invalid IKE header format. The peer used an unsupported exchange mode: There was an error when processing the payload There was an error when sending a reply to the socket There was a preexisting session from the same peer There was no KE payload for PFS There were no acceptable Phase 1 proposals There were no acceptable Phase 2 proposals. The specified responder cookie does not exist The VPN does not have an application SA configured Interface ---------------------------------------- Critical (00090) Failover to secondary untrust interface occurred. Recovery to primary untrust interface occurred. Critical (00091) L3 backup failover from interface to interface . L3 backup recover from interface to interface . Notification (00009) 802.1Q VLAN tag has been created. 802.1Q VLAN tag has been removed. Activation delay for interface has been changed to . Admin status for interface has been changed to . Auto-failover for interface has been changed to . Deactivation delay for interface has been changed to . DNS proxy was on interface . Interface 802.1Q tag has been changed to . Interface 802.1Q tag has been removed . Interface 802.1Q VLAN trunking has been turned OFF . Interface 802.1Q VLAN trunking has been turned ON . Interface bandwidth has been changed to Kbps. Interface gateway IP has been changed from to . Interface has been added to aggregate interface . Interface has been added to redundant interface . Interface has been added to shared interface . Interface has been changed from local to VSI. Interface has been changed from VSI to local. Interface has been removed from aggregate interface . Interface has been removed from redundant interface . Interface has been removed from shared interface . Interface holddown time interval has been set to . Interface in was removed . Interface in with IP mask tag was created . Interface in with IP mask was created . Interface IP address can be used to manage the device. Interface IP address cannot be used to manage the device. Interface IP has been changed from to . Interface management IP has been changed from to . Interface netmask has been changed from to . Interface operational mode has been changed to . Interface switching to ANSI T1.413 Issue 2 mode. Interface switching to auto-negotiating mode. Interface switching to G.Lite mode. Interface switching to ITU G.992.1 mode. Interface switching to ITU G.992.3 del test mode. Interface switching to ITU G.992.3 mode. Interface switching to ITU G.992.5 del test mode. Interface switching to ITU G.992.5 mode. Interface switching to loopback mode. Interface was bound to zone . Interface was removed from the monitoring list of . Interface was unbound from zone . Interface with weight was added to the monitoring list of . IPv4 Path-MTU has been on interface . IPv6 Path-MTU has been on interface . Maximum bandwidth Kbps on interface is less than total guaranteed bandwidth Kbps. Monitoring threshold was modified to of . Mtrace has been on interface . MTU for interface has been changed to . Primary interface set backup interface , type is . Primary interface unset backup interface . Route between secondary IP addresses on interface has been disabled. Route between secondary IP addresses on interface has been enabled. Secondary IP address / has been added to interface . Secondary IP address has been deleted from interface . for interface has been changed to . Zone was removed from the monitoring list of . Zone with weight was added to the monitoring list of . Notification (00078) A dialer CLI is configured: . Notification (00513) The physical state of interface has changed to . Notification (00613) Interface dialed out at channel . Interface disconnects at channel . Interface idle timer expired. Interface is connected at channel . Interface is disconnecting at channel . Interface traffic ( bps) decreased (less than load-threshold). Interface traffic ( bps) increased (greater than load-threshold). Information (00009) Global-PRO has been on interface . Ident-reset has been on interface . NSGP has been on interface . Ping has been on interface . SCS has been on interface . SNMP has been on interface . SSL has been on interface . Telnet has been on interface . Web has been on interface . Interface6 ---------------------------------------- Critical (00101) DAD detected duplicates for IPv6 address on interface Notification (00009) Setting interface IPv6 mode to . IPv6 function on the interface . Unsetting IPv6 mode on interface . Notification (00071) DAD completed for IPv6 address on interface Initialized IPv6 address on interface Notification (00072) IPv6 Router advertisement reception disabled on interface IPv6 Router advertisement reception enabled on interface IPv6 Router advertisement transmission disabled on interface IPv6 Router advertisement transmission enabled on interface ISDN ---------------------------------------- Notification (00083) [isdn] Interface is configured for leased-line . [isdn] Interface is configured to work with switch type (after reboot). [isdn] Interface is set for TEI negotiation at . [isdn] Interface will not send Sending Complete in SETUP message. [isdn] Interface will send Sending Complete in SETUP message. [isdn] Leased-line is removed for interface . [isdn] SPID1 for interface is set to . [isdn] SPID2 for interface is set to . [isdn] The calling number for interface is set to . [isdn] The T310 value for interface is changed from to . Notification (00618) [isdn] Interface connected on B channel . [isdn] Interface disconnected on B channel . [isdn] Layer2 is on D channel . L2TP ---------------------------------------- Alert (00043) Receive StopCCN_msg, remove l2tp tunnel (-), Result code (). Alert (00044) Receive StopCCN_msg, remove l2tp tunnel (-), Result code (), Error code (). Alert (00045) Receive CDN_msg, remove l2tp call, id = , user = , assigned ip = , Result code (). Alert (00046) Receive CDN_msg, remove l2tp call, id = , user = , assigned ip = , Result code (), Error code (). Notification (00017) L2TP , all-L2TP-users secret keepalive . L2TP , ID secret keepalive . L2TP default auth type changed to . L2TP default ippool changed from to . L2TP default PPP auth type changed to . L2TP default primary DNS server changed from to . L2TP default primary WINS server changed from to . L2TP default RADIUS port changed to . L2TP default RADIUS secret changed to . L2TP default RADIUS server changed to . L2TP default secondary DNS server changed from to . L2TP default secondary WINS server changed from to . L2TP ippool is unset to default. L2TP primary DNS server is unset to default. L2TP primary WINS server is unset to default. L2TP RADIUS port changed to . L2TP RADIUS secret is unset to default. L2TP RADIUS server is unset to default. L2TP secondary DNS server is unset to default. L2TP secondary WINS server is unset to default. Information (00536) Incorrect L2TP secret in tunnel authentication for L2TP (). l2tp(/->/), user authentication passed. IP address assigned to user. L2TP at PPP failed, Failure in . L2TP tunnel created between : and :. Retry time-out interval expired. L2TP call (peer at , local at ) removed, tunnel ID , call ID . Retry time-out interval expired. L2TP tunnel removed (peer at , local at ), tunnel ID . Logging ---------------------------------------- Warning (00002) Cannot connect to e-mail server . Mail recipients were not configured. Mail server is not configured. Unexpected error from e-mail server(state=): . Notification (00002) E-mail address 1 has been changed. E-mail address 2 has been changed. E-mail notification has been disabled. E-mail notification has been enabled. Inclusion of traffic logs with e-mail notification of event alarms has been disabled. Inclusion of traffic logs with e-mail notification of event alarms has been enabled. Mail server domain name has been changed. Mail server IP address has been changed. MGCP ---------------------------------------- Alert (00063) MGCP ALG configured to drop unidentified message in NAT mode. MGCP ALG configured to drop unidentified message in route mode. MGCP ALG configured to pass unidentified message in NAT mode. MGCP ALG configured to pass unidentified message in route mode. MGCP ALG configured to screen high connection rate. MGCP ALG connection flood rate threshold set to default. MGCP ALG connection flood rate threshold value set to connections per second. MGCP ALG disabled on the device. MGCP ALG enabled on the device. MGCP ALG inactive media timeout value set to default. MGCP ALG inactive media timeout value set to seconds. MGCP ALG maximum call duration value set to default. MGCP ALG maximum call duration value set to minutes. MGCP ALG message flood rate threshold value set to default. MGCP ALG message flood rate threshold value set to messages per second. MGCP ALG removed the check for message flood rate. MGCP ALG transaction timeout value set to default. MGCP ALG transaction timeout value set to seconds. The MGCP ALG is configured to screen high message rate. The MGCP ALG removed the check for connection rate. Alert (00084) The device cannot delete MGCP CA Port. The device cannot delete MGCP UA ALG Port. The device cannot initialize memory for MGCP. The device cannot register MGCP CA Port. The device cannot register MGCP UA Port. The device cannot unregister MGCP ALG handler. Notification (00084) Device failure handling MGCP call because the number of calls exceeded the system limit. The device cannot register the MGCP ALG request to RM. The device cannot register the Network Address Translation vector for the MGCP ALG request. The device does not have MGCP ALG client id with RM. The device failed in unregistering MGCP client with RM. Multicast ---------------------------------------- Alert (00601) Error in initializing multicast. Failure in initializing multicast data handler task. Failure in initializing multicast route task. Failure in registering for multicast data packet. Failure in shutting down multicast route task. System-wide multicast cachemiss node limit reached, nodes not added since limit exceeded. Critical (00601) Failure adding output interface to multicast route list due to exceeding system max. interfaces not added since limit exceeded. : virtual router multicast route limit exceeded, mroute addition failed. : virtual router multicast route maximum, routes not added since limit exceeded - . System wide multicast route limit exceeded, mroute add failed. System wide multicast route limit reached, routes not added since limit exceeded - . Notification (00056) . . Notification (00057) : maximum multicast routes limit configured to . : maximum multicast routes limit removed. : multicast negative cache routes feature configured. : multicast negative cache routes feature removed. : multicast negative cache routes timer configured to default. : multicast negative cache routes timer configured to seconds. : static multicast route src=, grp= ifp = deleted. : static multicast route src=, grp= input ifp = output ifp = added. NSM ---------------------------------------- Notification (00033) CA certificate field of NACN policy manager has been set to . CA certificate field of NACN policy manager has been unset. Cert-Subject field of NACN policy manager has been set to . Cert-Subject field of NACN policy manager has been unset. Host field of NACN policy manager has been set to . Host field of NACN policy manager has been unset. NSM Device ID was set to . NSM Device ID was unset. NSM installer name () and password were set. NSM installer name and password were unset. NSM keys were deleted. NSM one-time-password was set. NSM one-time-password was unset. NSM primary server with name was set: addr , port NSM primary server with name was unset. NSM secondary server with name was set: addr , port NSM secondary server with name was unset. Outgoing interface of NACN policy manager has been set to . Outgoing interface of NACN policy manager has been unset. Password field of NACN policy manager has been . Policy-domain field of NACN policy manager has been set to . Policy-domain field of NACN policy manager has been unset. Port field of NACN policy manager has been reset to the default value. Port field of NACN policy manager has been set to . Reporting of attack alarms to has been disabled. Reporting of attack alarms to has been enabled. Reporting of attack statistics table to has been disabled. Reporting of attack statistics table to has been enabled. Reporting of configuration logs to has been disabled. Reporting of configuration logs to has been enabled. Reporting of deep inspection alarms to has been disabled Reporting of deep inspection alarms to has been enabled Reporting of ethernet statistics table to has been disabled. Reporting of ethernet statistics table to has been enabled. Reporting of flow statistics table to has been disabled. Reporting of flow statistics table to has been enabled. Reporting of information logs to has been disabled. Reporting of information logs to has been enabled. Reporting of miscellaneous alarms to has been disabled. Reporting of miscellaneous alarms to has been enabled. Reporting of policy table to has been disabled. Reporting of policy table to has been enabled. Reporting of protocol distribution table to has been disabled. Reporting of protocol distribution table to has been enabled. Reporting of self management logs to has been disabled. Reporting of self management logs to has been enabled. Reporting of traffic alarms to has been disabled. Reporting of traffic alarms to has been enabled. Reporting of traffic logs to has been disabled. Reporting of traffic logs to has been enabled. has been disabled. has been enabled. host has been disabled. host has been set to . host has been set to . VPN management tunnel has been disabled. VPN management tunnel has been enabled. The NACN protocol has been Timeout value of has been set to seconds. Timeout value of has been set to seconds (default) User-defined service has been added to protocol distribution. User-defined service has been removed from protocol distribution. Information (00538) Connection to data collector at has timed out. Device is not known to data collector at . Lost socket connection to data collector at . NACN failed to register to policy manager because of . NACN successfully registered to policy manager : . NSM: Cannot connect to NSM server at . Reason: , ( connect attempt(s)) NSM: Connected to NSM server at ( connect attempt(s)) NSM: Connection to NSM server at is down. Reason: , NSM: Sent message NSM request may fail due to low memory (malloc failed) The NACN protocol has started for policy manager on hostname IP address port NSRD ---------------------------------------- Error (00551) Error occurred during configlet file processing. Warning (00551) Configlet file authentication failed. Configlet file decryption failed. Error occurred, causing failure to establish secure management with Management System. Information (00551) Rapid Deployment cannot start because gateway has undergone configuration changes. Secure management established successfully with remote server. NTP ---------------------------------------- Notification (00531) Administrator changed the Network Time Protocol authentication mode to () Administrator changed the Network Time Protocol maximum adjustment value from to seconds () An acceptable time could not be obtained from NTP server An administrator aborted the NTP time update. An error occurred in setting the system clock. Authentication failed for Network Time Protocol server because Network Time Protocol adjustment of ms from NTP server exceeds the allowed adjustment of ms. Network Time Protocol settings changed. No acceptable time could be obtained from any NTP server. No NTP server could be contacted. NTP request cannot be sent. No key found for server NTP request cannot be sent. No key id found for Network Time Protocol server NTP server could not be contacted. The system clock was updated from NTP server type with an adjustment of ms. Authentication was . Update mode was Notification (00548) The NetScreen device is attempting to contact the primary backup NTP server The NetScreen device is attempting to contact the primary NTP server The NetScreen device is attempting to contact the secondary backup NTP server OSPF ---------------------------------------- Critical (00206) LSA flood in OSPF with router ID on interface forced the interface to drop a packet. LSA ID , router ID , type cannot be deleted from the real-time database in area OSPF instance with router ID received a Hello packet flood from neighbor (IP address , router ID ) on interface forcing the interface to drop the packet. Reject second OSPF neighbor () on interface () since it's configured as point-to-point interface The total number of redistributed routes into OSPF in vrouter () exceeded system limit () Notification (00038) OSPF virtual routing instance in virtual router created. OSPF virtual routing instance in virtual router deleted. virtual router with the configuration command virtual router with the OSPF protocol Information (00541) Killing of OSPF neighbor delayed by seconds, last hello packet received time ms and last processed hello packet occuring at ms. LSA in following area aged out: LSA area ID , LSA ID , router ID , type in OSPF. Neighbor router ID - IP address - changed its state to . OSPF interface has become inactive, kill neighbor (IP address , router ID ) on this interface. OSPF neighbor timeout, with last hello packet received at time ms, and last processed hello packet occurring at time ms, current elapsed time in seconds . OSPF packet retransmit counter exceeds limit, killing neighbor (IP address , router ID ). The system killed OSPF neighbor because of elapsed Hello time