ZyXEL P-202H User Guide - Page 331
Table 124, Table 125, Table 123
View all ZyXEL P-202H manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 331 highlights
P-202H Plus v2 User's Guide Table 123 Attack Logs (continued) LOG MESSAGE DESCRIPTION teardrop ICMP (type:%d, code:%d) illegal command TCP NetBIOS TCP ip spoofing - no routing entry [TCP | UDP | IGMP | ESP | GRE | OSPF] ip spoofing - no routing entry ICMP (type:%d, code:%d) vulnerability ICMP (type:%d, code:%d) traceroute ICMP (type:%d, code:%d) The firewall detected an ICMP teardrop attack. For type and code details, see Table 129 on page 336. The firewall detected a TCP illegal command attack. The firewall detected a TCP NetBIOS attack. The firewall classified a packet with no source routing entry as an IP spoofing attack. The firewall classified an ICMP packet with no source routing entry as an IP spoofing attack. The firewall detected an ICMP vulnerability attack. For type and code details, see Table 129 on page 336. The firewall detected an ICMP traceroute attack. For type and code details, see Table 129 on page 336. Table 124 IPSec Logs LOG MESSAGE DESCRIPTION Discard REPLAY packet The router received and discarded a packet with an incorrect sequence number. Inbound packet authentication failed The router received a packet that has been altered. A third party may have altered or tampered with the packet. Receive IPSec packet, but no corresponding tunnel exists The router dropped an inbound packet for which SPI could not find a corresponding phase 2 SA. Rule idle time out, disconnect The router dropped a connection that had outbound traffic and no inbound traffic for a certain time period. You can use the "ipsec timer chk_conn" CI command to set the time period. The default value is 2 minutes. WAN IP changed to The router dropped all connections with the "MyIP" configured as "0.0.0.0" when the WAN IP address changed. Table 125 IKE Logs LOG MESSAGE Active connection allowed exceeded Start Phase 2: Quick Mode Verifying Remote ID failed: DESCRIPTION The IKE process for a new connection failed because the limit of simultaneous phase 2 SAs has been reached. Phase 2 Quick Mode has started. The connection failed during IKE phase 2 because the router and the peer's Local/Remote Addresses don't match. Appendix C Log Descriptions 330