CCNP BCMSN Exam Certification Guide (3rd Edition)

B-3. ErrorsSyslog Severity Level 3 Messages

Table B-3 lists all the severity level 3 logging messages, along with their message numbers and text. All the messages supported by PIX OS releases 6.3 and 7.0, as well as FWSM 2.3, are shown.

Table B-3. Severity 3 (Errors) Logging Messages

Level and Message Number

Message Text

%PIX-3-105010

(Primary) Failover message block alloc failed.

%PIX-3-106010

Deny inbound protocol src interface_name: dest_address/dest_port dst interface_name: source_address/source_port.

%PIX-3-106011

Deny inbound (no xlate) string.

%PIX-3-106014

Deny inbound icmp src interface_name: IP_address dst interface_name: IP_address (type dec, code dec).

%PIX-3-108003

Terminating ESMTP/SMTP connection; malicious pattern detected in the mail address from src_ifc:src_ip/src_port to dst_ifc:dst_ip/dst_port. Data:string. (7.0)

%PIX-3-109010

Auth from inside_address/inside_port to outside_address/outside_port failed (too many pending auths) on interface interface_name.

%PIX-3-109013

User must authenticate before using this service.

%PIX-3-109016

Can't find authorization ACL acl_ID on 'PIX' for user 'user'.

%PIX-3-109018

Downloaded ACL acl_ID is empty.

%PIX-3-109019

Downloaded ACL acl_ID has parsing error; ACE string.

%PIX-3-109020

Downloaded ACL has config error; ACE.

%PIX-3-109023

User from src_IP_address/src_port to dest_IP_address/dest_port on interface outside must authenticate before using this service. (7.0)

%PIX-3-113001

Unable to open AAA session. Session limit [limit] reached. (7.0)

%PIX-3-201002

Too many connections on {static | xlate} global_address! econns nconns.

%PIX-3-201004

Too many UDP connections on {static | xlate} global_address! udp conn limit. (7.0)

%PIX-3-201005

FTP data connection failed for IP_address.

%PIX-3-201006

RCMD backconnection failed for IP_address/port.

%PIX-3-201008

The PIX is disallowing new connections.

%PIX-3-201009

TCP connection limit of number for host IP_address on interface_name exceeded.

%PIX-3-201011

Connection limit exceeded cnt/limit for dir packet from sip/sport to dip/dport on interface if_name. (7.0)

%PIX-3-202001

Out of address translation slots!

%PIX-3-202005

Non-embryonic in embryonic list outside_address/outside_port inside_address/inside_port.

%PIX-3-208005

(function: line_num) pix clear command return code.

%PIX-3-210001

LU SW_Module_Name error = number.

%PIX-3-210002

LU allocate block (bytes) failed.

%PIX-3-210003

Unknown LU Object number.

%PIX-3-210005

LU allocate connection failed.

%PIX-3-210006

LU look NAT for IP_address failed.

%PIX-3-210007

LU allocate xlate failed.

%PIX-3-210008

LU no xlate for inside_address/inside_port outside_address/outside_port.

%PIX-3-210010

LU make UDP connection for outside_address: outside_port inside_address: inside_port failed.

%PIX-3-210020

LU PAT port reserve failed.

%PIX-3-210021

LU create static xlate global_address ifc interface_name failed.

%PIX-3-211001

Memory allocation error.

%PIX-3-211003

CPU utilization for number seconds = percent.

%PIX-3-212001

Unable to open SNMP channel (UDP port port) on interface interface_number, error code = code.

%PIX-3-212002

Unable to open SNMP trap channel (UDP port port) on interface interface_number, error code = code.

%PIX-3-212003

Unable to receive an SNMP request on interface interface_number, error code = code, will try again.

%PIX-3-212004

Unable to send an SNMP response to IP address IP_address port port interface interface_number, error code = code.

%PIX-3-212005

Incoming SNMP request (number bytes) on interface interface_name exceeds data buffer size, discarding this SNMP request.

%PIX-3-212006

Dropping SNMP request from src_ip/src_port to ifc_name:dst_ip/dst_port because: reason. (7.0)

%PIX-3-213001

PPTP control daemon socket io string, errno = number.

%PIX-3-213002

PPTP tunnel hashtable insert failed, peer = IP_address.

%PIX-3-213003

PPP virtual interface interface_number isn't opened.

%PIX-3-213004

PPP virtual interface interface_number client ip allocation failed.

%PIX-3-216001

Unknown message text. (7.0)

%PIX-3-217001

No memory for string in string. (7.0)

%PIX-3-302007

Unknown message text. (7.0)

%PIX-3-302008

Unknown message text. (7.0)

%PIX-3-302019

H.323 library_name ASN Library failed to initialize, error code number.

%PIX-3-302302

ACL = deny; no sa created.

%PIX-3-303001

Unknown message text. (7.0)

%PIX-3-304003

URL server IP_address timed out URL url.

%PIX-3-304006

URL server IP_address not responding.

%PIX-3-305005

No translation group found for protocol src interface_name: dest_address/dest_port dst interface_name: source_address/source_port.

%PIX-3-305006

Regular translation creation failed for protocol src interface_name: source_address/source_port dst interface_name: dest_address/dest_port.

%PIX-3-305008

Free unallocated global IP address.

%PIX-3-306001

Unknown message text. (7.0)

%FWSM-3-309001

Denied manager connection from IP_address.

%PIX-3-310001

Unknown message text. (7.0)

%PIX-3-311005

Unknown message text. (7.0)

%PIX-3-313001

Denied ICMP type=number, code=code from IP_address on interface interface_name.

%PIX-3-313002

Unknown message text. (7.0)

%FWSM-3-315001

Denied SSH session from IP_address on interface interface_name.

%PIX-3-315004

Fail to establish SSH session because PIX RSA host key retrieval failed.

%PIX-3-316001

Denied new tunnel to IP_address. VPN peer limit (platform_vpn_peer_limit) exceeded. (7.0)

%PIX-3-317001

No memory available for limit_slow.

%PIX-3-317002

Bad path index of number for IP_address, number max.

%PIX-3-317003

IP routing table creation failurereason.

%PIX-3-317004

IP routing table limit warning.

%PIX-3-317005

IP routing table limit exceededreason, IP_address netmask.

%PIX-3-318001

Internal error: reason.

%PIX-3-318002

Flagged as being an ABR without a backbone area.

%PIX-3-318003

Reached unknown state in neighbor state machine.

%PIX-3-318004

Area string lsid IP_address mask netmask adv IP_address type number.

%PIX-3-318005

lsid IP_address adv IP_address type number gateway gateway_address metric number network IP_address mask netmask protocol hex attr hex net-metric number.

%PIX-3-318006

if interface_name if_state number.

%PIX-3-318007

OSPF is enabled on interface_name during idb initialization.

%PIX-3-318008

OSPF process number is changing router-id. Reconfigure virtual link neighbors with our new router-id.

%PIX-3-319001

Acknowledge for arp update for IP address dest_addr not received (number). (7.0)

%PIX-3-319002

Acknowledge for route update for IP address dest_addr not received (number). (7.0)

%PIX-3-319003

ARP update for IP address address to NPn failed. (7.0)

%PIX-3-319004

Route update for IP address dest_addr failed (number). (7.0)

%PIX-3-320001

The subject name of the peer cert is not allowed for connection.

%PIX-3-322001

Deny MAC address mac-address, possible spoof attempt on interface interface. (7.0)

%PIX-3-322002

ARP inspection check failed for arp {request | response} received from host mac-address on interface interface. This host is advertising MAC address mac-address-1 for IP address ip-address, which is {statically | dynamically} bound to MAC address mac-address-2. (7.0)

%PIX-3-322003

ARP inspection check failed for arp {request | response} received from host mac-address on interface interface. This host is advertising MAC address mac-address-1 for IP address ip-address, which is not bound to any MAC address. (7.0)

%ASA-3-323001

Module in slot slotnum experienced a control channel communication failure. (7.0)

%ASA-3-323002

Module in slot slotnum is not able to shut down, shut down request not answered. (7.0)

%ASA-3-323003

Module in slot slotnum is not able to reload, reload request not answered. (7.0)

%PIX-3-324000

Drop GTPv version message msg_type from src_ifc:src_ip/src_port to dest_ifc:dest_ip/dest_port Reason: reason. (7.0)

%PIX-3-324001

GTPv0 packet parsing error from src_ifc:src_ip/src_port to dest_ifc:dest_ip/dest_port, TID: tid_value, Reason: reason. (7.0)

%PIX-3-324002

No PDP[MCB] exists to process GTPv0 msg_type from src_ifc:src_ip/src_port to dest_ifc:dest_ip/dest_port, TID: tid_value. (7.0)

%PIX-3-324003

No matching request to process GTPv version msg_type from src_ifc:src_ip/src_port to dest_ifc:dest_ip/dest_port. (7.0)

%PIX-3-324004

GTP packet with version %d from src_ifc:src_ip/src_port to dest_ifc:dest_ip/dest_port is not supported. (7.0)

%PIX-3-324005

Unable to create tunnel from src_ifc:src_ip/src_port to dest_ifc:dest_ip/dest_port. (7.0)

%PIX-3-324006

GSN ip_address tunnel limit tunnel_limit exceeded, PDP Context TID tid failed. (7.0)

%PIX-3-324007

Unable to create GTP connection for response from src_ifc:src_ip/0 to dest_ifc:dest_ip/dest_port. (7.0)

%PIX-3-325001

Router ipv6_address on interface has conflicting ND (Neighbor Discovery) settings. (7.0)

%PIX-3-326001

Unexpected error in the timer library: error_message. (7.0)

%PIX-3-326002

Error in error_message : error_message. (7.0: IGMP process)

%PIX-3-326003

Unknown message text. (7.0)

%PIX-3-326004

An internal error occurred while processing a packet queue. (7.0: IGMP)

%PIX-3-326005

MRIB notification failed for (addr,addr). (7.0)

%PIX-3-326006

Entry-creation failed for (addr,addr). (7.0)

%PIX-3-326007

Entry-update failed for (addr,addr). (7.0)

%PIX-3-326008

MRIB registration failed. (7.0)

%PIX-3-326009

MRIB connection-open failed. (7.0)

%PIX-3-326010

MRIB unbind failed. (7.0)

%PIX-3-326011

MRIB table deletion failed. (7.0)

%PIX-3-326012

Initialization of string functionality failed. (7.0)

%PIX-3-326013

Internal error: string in string line %d (%s). (7.0)

%PIX-3-326014

Initialization failed: error_message error_message. (7.0)

%PIX-3-326015

Communication error: error_message error_message. (7.0)

%PIX-3-326016

Failed to set un-numbered interface for ifname. (7.0)

%PIX-3-326017

Interface Manager errorstring in string : string. (7.0)

%PIX-3-326018

Unknown message text. (7.0)

%PIX-3-326019

string in string : string. (7.0: PIM)

%PIX-3-326020

List error in string : string. (7.0: PIM)

%PIX-3-326021

Error in string : string. (7.0: PIM)

%PIX-3-326022

Error in string : string. (7.0: PIM)

%PIX-3-326023

stringaddr : string. (7.0: PIM)

%PIX-3-326024

An internal error occurred while processing a packet queue. (7.0)

%PIX-3-326025

string. (7.0: PIM)

%PIX-3-326026

Server unexpected error: error_messsage. (7.0)

%PIX-3-326027

Corrupted update: error_messsage. (7.0)

%PIX-3-326028

Asynchronous error: error_messsage. (7.0)

%PIX-3-326029

Unknown message text. (7.0)

%PIX-3-403501

PPPoEBad host-unique in PADOpacket dropped. Intf: interface_name AC: ac_name.

%PIX-3-403502

PPPoEBad host-unique in PADSdropping packet. Intf: interface_name AC: ac_name.

%PIX-3-403503

PPPoE: PPP link down: reason.

%PIX-3-403504

PPPoE: No 'vpdn group' for PPPoE is created.

%PIX-3-403505

PPPoE: PPPUnable to set default route to IP_address at interface_name.

%PIX-3-403506

PPPoE: Failed to assign PPP IP_address netmask netmask at interface_name.

%PIX-3-404102

ISAKMP: Exceeded embryonic limit. (7.0)

%PIX-3-407002

Embryonic limit neconns/elimit for through connections exceeded. outside_address/outside_port to global_address (inside_address)/inside_port on interface interface_name.

%PIX-3-414001

Failed to save logging buffer using file name file_name to FTP server ftp_server_ip on interface interface_name: [fail_reason]. (7.0)

%PIX-3-414002

Failed to save logging buffer to flash:/syslog directory using file name: filename: [fail_reason]. (7.0)

%FWSM-3-605001

HTTP daemon interface interface_name: Connection denied from IP_address.

%PIX-3-610001

NTP daemon interface interface_name: Packet denied from IP_address.

%PIX-3-610002

NTP daemon interface interface_name: Authentication failed for packet from IP_address.

%PIX-3-611313

VPNClient: Backup Server List Error: reason.

%PIX-3-620002

Unsupported CTIQBE version: hex: from interface_name:IP_address/port to interface_name:IP_address/port. (7.0)

%PIX-3-702302

Replay rollover detected.

%PIX-3-710003

{TCP | UDP} access denied by ACL from source_address/source_port to interface_name: dest_address/service.

%PIX-3-713002

Unknown message text. (7.0)

%PIX-3-713003

Unknown message text. (7.0)

%PIX-3-713004

Device scheduled for reboot or shutdown, IKE key acquire message on interface interface num, for Peer address ignored. (7.0)

%PIX-3-713008

Key ID in ID payload too big for pre-shared IKE tunnel. (7.0)

%PIX-3-713009

OU in DN in ID payload too big for Certs IKE tunnel. (7.0)

%PIX-3-713011

Unknown message text. (7.0)

%PIX-3-713012

Unknown protocol (protocol). Not adding SA w/spi=SPI value. (7.0)

%PIX-3-713013

Unknown message text. (7.0)

%PIX-3-713014

Unknown Domain of Interpretation (DOI): DOI value. (7.0)

%PIX-3-713015

Unknown message text. (7.0)

%PIX-3-713016

Unknown identification type, Phase 1 or 2, Type ID Type. (7.0)

%PIX-3-713017

Identification type not supported, Phase 1 or 2, Type ID Type. (7.0)

%PIX-3-713018

Unknown ID type during find of group name for certs, Type ID Type. (7.0)

%PIX-3-713019

Unknown message text. (7.0)

%PIX-3-713020

No Group found by matching OU(s) from ID payload: OU value. (7.0)

%PIX-3-713021

Unknown message text. (7.0)

%PIX-3-713022

No group found matching peer ID or address for pre-shared key peer address of peer. (7.0)

%PIX-3-713032

Received invalid local Proxy Range IP address-IP address. (7.0)

%PIX-3-713033

Received invalid remote Proxy Range IP address-IP address. (7.0)

%PIX-3-713042

IKE Initiator unable to find policy: Intf interface number, Src: IP address, Dst: IP address. (7.0)

%PIX-3-713043

Cookie/peer address IP address session already in progress. (7.0)

%PIX-3-713046

Unknown message text. (7.0)

%PIX-3-713047

Unsupported Oakley group: Group Diffie-Hellman group. (7.0)

%PIX-3-713048

Error processing payload: Payload ID: id. (7.0)

%PIX-3-713051

Terminating connection attempt: IPSEC not permitted for group (group name). (7.0)

%PIX-3-713053

Unknown message text. (7.0)

%PIX-3-713054

Unknown message text. (7.0)

%PIX-3-713055

Unknown message text. (7.0)

%PIX-3-713056

Tunnel rejected: SA (SA name) not found for group (group name)! (7.0)

%PIX-3-713057

Unknown message text. (7.0)

%PIX-3-713058

Unknown message text. (7.0)

%PIX-3-713059

Tunnel Rejected: User (username) matched with group name, group-lock check failed. (7.0)

%PIX-3-713060

Tunnel Rejected: User (username) not member of group (group name), group-lock check failed. (7.0)

%PIX-3-713061

Tunnel rejected: Crypto Map Policy not found for Src: IP address, Dst: IP address! (7.0)

%PIX-3-713062

IKE Peer address same as our interface address IP address. (7.0)

%PIX-3-713063

IKE Peer address not configured for destination IP address. (7.0)

%PIX-3-713064

Unknown message text. (7.0)

%PIX-3-713065

IKE Remote Peer did not negotiate the following: proposal attribute. (7.0)

%PIX-3-713069

Unknown message text. (7.0)

%PIX-3-713070

Unknown message text. (7.0)

%PIX-3-713072

Password for user (username) too long, truncating to number characters. (7.0)

%PIX-3-713077

Unknown message text. (7.0)

%PIX-3-713080

Unknown message text. (7.0)

%PIX-3-713081

Unsupported certificate encoding type encoding type. (7.0)

%PIX-3-713082

Failed to retrieve identity certificate. (7.0)

%PIX-3-713083

Invalid certificate handle. (7.0)

%PIX-3-713084

Received invalid phase 1 port value (port number) in ID. (7.0)

%PIX-3-713085

Received invalid phase 1 protocol value (protocol value) in ID payload. (7.0)

%PIX-3-713086

Received unexpected Certificate payload Possible invalid Auth Method (Auth method (auth numerical value)). (7.0)

%PIX-3-713088

Set Cert filehandle failure: no IPSec SA in group group name. (7.0)

%PIX-3-713089

Unknown message text. (7.0)

%PIX-3-713090

Unknown message text. (7.0)

%PIX-3-713091

Unknown message text. (7.0)

%PIX-3-713093

Unknown message text. (7.0)

%PIX-3-713095

Unknown message text. (7.0)

%PIX-3-713098

Aborting: No identity cert specified in IPSec SA (SA name)! (7.0)

%PIX-3-713100

Unknown message text. (7.0)

%PIX-3-713102

Phase 1 ID Data length number too longreject tunnel! (7.0)

%PIX-3-713105

Zero length data in ID payload received during phase 1 or 2 processing. (7.0)

%PIX-3-713106

Unknown message text. (7.0)

%PIX-3-713107

IP address request attempt failed! (7.0)

%PIX-3-713109

Unable to process the received peer certificate. (7.0)

%PIX-3-713110

Unknown message text. (7.0)

%PIX-3-713111

Unknown message text. (7.0)

%PIX-3-713112

Failed to process CONNECTED notify (SPI SPI value)! (7.0)

%PIX-3-713116

Terminating connection attempt: L2TP-over-IPSEC attempted by group (group name) but L2TP disabled. (7.0)

%PIX-3-713118

Detected invalid Diffie-Helmann group descriptor Group number, in IKE area. (7.0)

%PIX-3-713119

PHASE 1 COMPLETED. (7.0)

%PIX-3-713120

Unknown message text. (7.0)

%PIX-3-713122

Keep-alives configured keepalive type but peer IP address support keep-alives (type = keepalive type). (7.0)

%PIX-3-713123

IKE lost contact with remote peer, deleting connection (keepalive type: keepalive type). (7.0)

%PIX-3-713124

Received DPD sequence number rcv sequence # in DPD Action, description expected seq #. (7.0)

%PIX-3-713125

Unknown message text. (7.0)

%PIX-3-713126

Unknown message text. (7.0)

%PIX-3-713127

Xauth required but selected Proposal does not support xauth, Check priorities of ike xauth proposals in ike proposal list. (7.0)

%PIX-3-713128

Connection attempt to VCPIP redirected to VCA peer IP address via load balancing. (7.0)

%PIX-3-713129

Received unexpected Transaction Exchange payload type: payload id. (7.0)

%PIX-3-713132

Cannot obtain an IP address for remote peer. (7.0)

%PIX-3-713133

Mismatch: Overriding phase 2 DH Group (DH group DH group id) with phase 1 group (DH group DH group number). (7.0)

%PIX-3-713134

Mismatch: P1 Authentication algorithm in the crypto map entry different from negotiated algorithm for the L2L connection. (7.0)

%PIX-3-713138

Group group name not found and BASE GROUP default preshared key not configured (7.0)

%PIX-3-713140

Split Tunneling Policy requires network list but none configured. (7.0)

%PIX-3-713141

Client-reported firewall does not match configured firewall: action tunnel. ReceivedVendor: vendor(id), Product product(id), Caps: capability value. ExpectedVendor: vendor(id), Product: product(id), Caps: capability value. (7.0)

%PIX-3-713142

Client did not report firewall in use, but there is a configured firewall: action tunnel. ExpectedVendor: vendor(id), Product product(id), Caps: capability value. (7.0)

%PIX-3-713146

Could not add route for Hardware Client in network extension mode, address: IP address, mask: network mask. (7.0)

%PIX-3-713149

Hardware client security attribute attribute name was enabled but not requested. (7.0)

%PIX-3-713150

Unknown message text. (7.0)

%PIX-3-713151

Unknown message text. (7.0)

%PIX-3-713152

Unable to obtain any rules from filter ACL tag to send to client for CPP, terminating connection. (7.0)

%PIX-3-713153

Unknown message text. (7.0)

%PIX-3-713159

TCP Connection to Firewall Server has been lost, restricted tunnels are now allowed full network access. (7.0)

%PIX-3-713161

Remote user (session Idid) network access has been restricted by the Firewall Server. (7.0)

%PIX-3-713162

Remote user (session Idid) has been rejected by the Firewall Server. (7.0)

%PIX-3-713163

Remote user (session Idid) has been terminated by the Firewall Server. (7.0)

%PIX-3-713165

Unknown message text. (7.0)

%PIX-3-713166

Headend security gateway has failed our user authentication attemptcheck configured username and password. (7.0)

%PIX-3-713167

Remote peer has failed user authenticationcheck configured username and password. (7.0)

%PIX-3-713168

Re-auth enabled, but tunnel must be authenticated interactively! (7.0)

%PIX-3-713174

Hardware Client connection rejected! Network Extension Mode is not allowed for this group! (7.0)

%PIX-3-713181

Unknown message text. (7.0)

%PIX-3-713182

IKE could not recognize the version of the client! IPSec Fragmentation Policy will be ignored for this connection! (7.0)

%PIX-3-713185

Error: Username too longconnection aborted. (7.0)

%PIX-3-713186

Invalid secondary domain name list received from the authentication server. List Received: list_text Character index (value) is illegal. (7.0)

%PIX-3-713188

Unknown message text. (7.0)

%PIX-3-713189

Attempted to assign network or broadcast IP address, removing (IP_address) from pool. (7.0)

%PIX-3-713191

Unknown message text. (7.0)

%PIX-3-713193

Received packet with missing payload, Expected payload: payload_id. (7.0)

%PIX-3-713194

IKE | IPsec Delete With Reason message: termination_reason. (7.0)

%PIX-3-713195

Tunnel rejected: Originate-Only: Cannot accept incoming tunnel yet! (7.0)

%PIX-3-713198

User Authorization failed: username User authorization failed. (7.0)

%PIX-3-713203

IKE Receiver: Error reading from socket. (7.0)

%PIX-3-713205

Could not add static route for client address: IP address. (7.0)

%PIX-3-713206

Tunnel Rejected: Conflicting protocols specified by tunnel-group and group-policy. (7.0)

%PIX-3-713208

Cannot create dynamic rule for Backup L2L entry rule id. (7.0)

%PIX-3-713209

Cannot delete dynamic rule for Backup L2L entry rule id. (7.0)

%PIX-3-713210

Cannot create dynamic map for Backup L2L entry rule id. (7.0)

%PIX-3-713212

Could not add route for L2L peer coming in on a dynamic map. address: IP address, mask: network mask. (7.0)

%PIX-3-713214

Could not delete route for L2L peer that came in on a dynamic map. address: IP address, mask: network mask. (7.0)

%PIX-3-713217

Skipping unrecognized rule: action: action client type: client type client version: client version. (7.0)

%PIX-3-713218

Tunnel Rejected: Client Type or Version not allowed. (7.0)

%PIX-3-713902

Unknown message text. (7.0)

%PIX-3-717001

Querying keypair failed. (7.0)

%PIX-3-717002

Certificate enrollment failed for trustpoint trustpoint_name. (7.0)

%PIX-3-717009

Certificate validate failed. reason_string. (7.0)

%PIX-3-717010

CRL polling failed for trustpoint trustpoint_name. (7.0)

    Категории