NetScreen Messages--Text Only P/N 093-0590-000 Rev.

F Address Critical (00031) { arp req | arp reply }, detect IP conflict (<ip_addr>), mac <mac_addr> on inter face <interface>

Notification Level (00001) Address <mbr_name> for { ip address <ip_addr> | domain address <dom_name> } in z one <zone> has been { added | deleted | modified }

Address group <grp_name> has { added | deleted } member <mbr_name>

Address group <grp_name> has been { added | deleted }

Address group <grp_name> comments have been modified

Address group <grp_name1> group name has been changed to <grp_name2>

Address group <grp_name> has been { added | deleted | modified }

Address <name_str> for ip address <ip_addr> in zone <zone> has been { added | de leted | modified }

arp entry <ip_addr> interface changed!

arp entry <ip_addr> interface changed old <interface1> new <interface2>!

Admin Critical (00027) Device Reset (Asset Recovery) has been { performed | aborted }

Multiple login failures occurred for user <usr_str>

Warning (00515) [ Vsys ] Admin User <name_str> has logged { on | out } via ( Telnet | SCS | cons ole }

[ Vsys ] Admin User t <port_num1>)

<name_str> logged in for Web({ http | https }) management (por

Management session via { the console | Telnet from <ip_addr>:<port_num> | SCS fr om <ip_addr>:<port_num> } for [ vsys ] admin <name_str> timed out

Login attempt to system by admin <name_str> via { the console | Telnet from <ip_ addr>:<port_num> | SCS from <ip_addr>:<port_num> } has failed.

[ Vsys ] Admin User %s has logged out via (the console | Telnet from <ip_addr>:< port_num> | SCS from <ip_addr>:<port_num> }

The session limit threshold has been set to <number> on zone <zone>.

Admin user <name_str> login attempt for Web{ https | http } management (port <nu mber>) from <ip_addr>:<port_num> failed.

Admin user <name_str> attempt access to <name_str> illegal from Web{ https | htt p } management (port <number>) from <ip_addr>:<port_num>.

Warning (00541) ScreenOS <string> serial # <id_num>: Asset recovery has been aborted.

Notification (00002) System configuration has been erased.

Management restriction for <ip_addr> subnet <mask> has been { added | removed }

Management restriction from all IPs and subnets has been removed

System IP has been changed from <ip_addr1> to <ip_addr2>

{ SCS | Telnet } port has been changed from <port_num1> to <port_num2>

HTTP port has been changed from <port_num1> to <port_num2>

SSL port changed from <port_num1> to <port_num2>

{ Root admin | Vsys admin } { password | name } has been changed by admin <name_ str>

Admin user <name_str> password has been changed

Vsys admin user <name_str> is modified

Admin user <name_str> has been { added | modified | deleted }

Web Admin Authentication idle timeout value has been changed from <number1> to n umber2> minutes

Unexpected error from email server(state=<id_num>):

E-mail notification has been { enabled | disabled }.

E-mail notification has been { enabled | disabled }.

Mail server { IP address | domain name } has been changed.

E-mail address { 1 | 2 } has been changed.

Inclusion of traffic logs with e-mail notification of event alarms has been { en abled | disabled }.

LCD control keys have been locked.

LCD display has been turned off and the LCD control keys have been locked.

LCD display has been turned on.

LCD display has been turned on and the LCD control keys have been unlocked.

Notification (00003) The console timeout value changed from <number1> to <number2> of minutes.

The console page size changed from <number1> to <number2>.

The local console has been { enabled | disabled }.

The console debug buffer has been { enabled | disabled }.

Information (00767) All System Config saved by admin <name_str>

System Config from flash to slot - <string> by admin <name_str>

The system configuration was loaded from the slot by admin <name_str>

System Config load from <ip_addr> (file <filename>) by admin <name_str>

System Config load from <ip_addr> (file <filename>) to slot - <string> by admin <name_str>

Save configuration to <ip_addr> (file: <filename>) by admin <name_str>

Get new software from flash to slot (file: <filename>) by admin <name_str>

Save new software from slot (file: <filename>) to flash by admin <name_str>

Save new software from <ip_addr> (file: <filename>) to flash by admin <name_str>

Get new software from <ip_addr> (file: <filename1>) to slot (file: <filename2>) by admin <name_str>

Get new software to <ip_addr> (file: <filename>) by admin <name_str>

Admin <name> issued command <string> to redirect output.

System is operational.

The system configuration was saved by admin <name_str>

System Config saved to filename <filename>

System auto-config of file <name_str> from TFTP server <ip_addr> has been loaded successfully

System auto-config of file <name_str> from TFTP server <ip_addr> has failed.

New GMT zone: <number> seconds

The Daylight Saving Time ended

The Daylight Saving Time started

System log was reviewed

Event log was reviewed

Asset-recovery log was reviewed

Self log was reviewed

Traffic log was reviewed

Alarm log was reviewed

Auth Alert (00003) Multiple authentication failures have been detected!

Warning (00518) User <usr_str> at <ip_addr1> must enter Next Code for SecurID <ip_addr2>

Warning (00518, 00519) Local authentication for user <usr_str> was { denied | successful }.

WebAuth user <name_str> at <ip_addr1> has been { accepted | rejected/timedout } via the <string> server at <ip_addr2>

Local authentication for WebAuth user <usr_str> was { denied | successful }

Error in authentication for WebAuth user <usr_str>

Admin user <name_str> has been { accepted | rejected } via the RADIUS server at <ip_addr>

Warning (00520) User <name_str> at <ip_addr> {RADIUS | SecurID | LDAP | Local } authentication a ttempt has timed out

Information (00525) User <usr_str> at <ip_addr1> must enter the New PIN for SecurID <ip_addr2>

User <usr_str> at <ip_addr1> must make a

New PIN

choice for SecurID <ip_addr2>

User <usr_str> at <ip_addr1> has selected a system-generated PIN for authentica tion with SecurID <ip_addr2>

The new PIN for user <usr_str> at <ip_addr1> has been { accepted | rejected } b y SecurID <ip_addr2>.

Information (00767) The device cannot contact the SecurID server

The device cannot send data to the SecurID server

BGP Notification (000039) BGP instance in virtual router <vrouter> was removed from the device

BGP instance in virtual router <vrouter> was created

BGP peer: <ip_addr> changed to Established state

BGP peer: <ip_addr> changed to Idle state

BGP peer: <ip_addr> is enabled

BGP peer: <ip_addr> is disabled

{ Message Header Error | Open Message Error | Update Message Error }

Received notification Invalid Error code from notification message

BGP instance <name_str> created for vr <vrouter>

BGP instance deleted for vr <vrouter>

BGP peer: <ip_addr> created

BGP peer: <ip_addr> deleted

Clock Notification (00008) System clock configurations have been changed by admin <name_str>

The system clock has been updated through NTP.

NTP settings have been changed

failed to get clock through NTP

New system time: <number>

system clock is changed manually

Device Critical (00022) At least one power supply is not functioning properly

The { primary | secondary } power supply is not functioning properly

At least one fan is not functioning properly

The system temperature (<number1> C, <number2> F) is too high.

The { primary | secondary } power supply is now functioning properly.

All fans are now functioning properly.

All power supplies are functioning properly now.

The auxiliary board has been pulled out or otherwise made inactive

The board in slot <number>, has been pulled out or otherwise made inactive

Critical (00030) System CPU utilization is high (<number1> alarm threshold:<number2>) <number3> t imes in 1 minute

DHCP DHCP Server and Relay Agent Critical (00029) The DHCP process cannot open file <filename> to { read | write } data.

DHCP file write: out of memory.

Notification (00024) DHCP server shared IP has been enabled

DHCP server has been { enabled | disabled }

DHCP server option have been { changed | removed }

DHCP relay agent settings have been changed

Notification (00025) The DHCP server IP address pool has changed.

Information (00527) One or more DHCP-assigned IP addresses have been manually released.

A DHCP-assigned IP address <ip_addr> has been { assigned to <mac_addr1> | freed from <mac_addr2> }.

MAC address <mac_addr> has detected an IP conflict and has declined address <ip_ addr>.

DHCP server has assigned or released an IP address.

DHCP Client Information (00530) DHCP client lease for <ip_addr> has expired

DHCP server <ip_addr> has assigned the untrust interface <interface> with lease <number>.

An IP conflict has been detected and the DHCP client has declined address <ip_ad dr>.

DHCP client IP <ip_addr> for the interface <interface> has been manually release d.

DHCP client is unable to get IP address for the untrust interface.

Information (00767) System auto-config of file <filename> from TFTP server <ip_addr> has { been load ed successfully | failed }.

DIP Notification (00021) IP pool <name_str> with range <ip_addr1>-<ip_addr2> has been { created | modifie d | deleted }

DNS Notification (00004) Daily DNS lookup time has been changed.

Daily DNS lookup has been disabled.

{ Primary | Secondary } DNS server IP has been changed.

DNS cache table has been cleared.

Notification (00006) Hostname set to <name_str>

Domain set to <name_str>

Notification (00029) DNS has been refreshed.

Information (00529) DNS entries have been { manually | automatically } refreshed.

DNS entries have been refreshed by HA.

Firewall Emergency (00005) SYN flood has been detected! From <ip_addr1>:<port_num1> to <ip_addr2>:<port_num 2>, using protocol TCP, on interface <interface>. [ The attack occurred <number> times. ]

syn proxy drop packet with unknown mac!

Emergency (00006) Teardrop attack has been detected! From <ip_addr1>:<port_num1> to <ip_addr2>:<po rt_num2>, using protocol { TCP | UDP | <number1> }, on interface <interface>. [ The attack occurred <number2> times. ]

Emergency (00007) Ping of Death has been detected! From <ip_addr1> to <ip_addr2>, using protocol 1 , on interface <interface>. [ The attack occurred <number> times. ]

Alert (00003) Multiple authentication failures have been detected!

Alert (00004) WinNuke attack has been detected! From <ip_addr1>:<port_num1> to <ip_addr2>:139, using protocol TCP, on interface <interface>. [ The attack occurred <number> ti mes. ]

Alert (00008) IP spoof has been detected! From <ip_addr1>:<port_num1> to <ip_addr2>:<port_num2 >, using protocol { TCP | UDP | <number1> }, on interface <interface>. [ The att ack occurred <number2> times. ]

Alert (00009) IP Source Route has been detected! From <ip_addr1>:<port_num1> to <ip_addr2>:<po rt_num2>, using protocol { TCP | UDP | <number1> }, on interface <interface>. [ The attack occurred <number2> times. ]

Alert (00010) Land attack has been detected! From <ip_addr1>:<port_num> to <ip_addr2>:<port_nu m>, using protocol TCP, on interface <interface>. [ The attack occurred <number> times. ]

Alert (00011) ICMP flood has been detected! From <ip_addr1> to <ip_addr2>, using protocol 1, o n interface <interface>. [ The attack occurred <number> times. ]

Alert (00012) UDP flood has been detected! From <ip_addr1>:<port_num1> to <ip_addr2>:<port_num 2>, using protocol UDP, on interface <interface>. [ The attack occurred <number> times. ]

Alert (00016) Port scan has been detected! From <ip_addr1>:<port_num1> to <ip_addr2>:<port_num 2>, using protocol { TCP | UDP | <number1> }, on interface <interface>. [ The at tack occurred <number2> times. ]

Alert (00017) Address sweep has been detected! From <ip_addr1> to <ip_addr2>, using protocol 1 , on interface <interface>. [ The attack occurred <number> times. ]

Critical (00015) inconsistent configuration between master and slave

Critical (00018) Deny Policy Alarm

Critical (00032) Malicious URL has been detected! From <ip_addr1>:<port_num1> to <ip_addr2>:<port _num2>, using protocol TCP, on interface <interface>. [ The attack occurred <num ber> times. ]

Critical (00033) Session threshold has been detected! From <ip_addr1>:<port_num1>, to <ip_addr2>: <port_num2>, using protocol { TCP | UDP | <number> }, and arriving at interface <interface>. [ The attack occurred <number> times. ]

Critical (00413) No tcp flag has been detected! From <ip_addr1>:<port_num1>, to <ip_addr2>:<port_ num2>, using protocol { TCP | UDP | <number> }, and arriving at interface <inter face>. [ The attack occurred <number> times. ]

Critical (00415) IP bad option has been detected! From <ip_addr1>:<port_num1>, to <ip_addr2>:<por t_num2>, using protocol { TCP | UDP | <number> }, and arriving at interface <int erface>. [ The attack occurred <number> times. ]

Critical (00437) SYN and FIN set has been detected! From <ip_addr1>:<port_num1>, to <ip_addr2>:<p ort_num2>, using protocol { TCP | UDP | <number> }, and arriving at interface <i nterface>. [ The attack occurred <number> times. ]

Critical (00438) FIN without ACK has been detected! From <ip_addr1>:<port_num1>, to <ip_addr2>:<p ort_num2>, using protocol { TCP | UDP | <number> }, and arriving at interface <i nterface>. [ The attack occurred <number> times. ]

Critical (00440)

ip fragment, From <ip_addr1>:<port_num1>, to <ip_addr2>:<port_num2>, using proto col { TCP | UDP | <number> }, and arriving at interface <interface>. [ The attac k occurred <number> times. ]

Notification (00005) <name_str> has been { enabled | disabled }.

SYN flood { alarm threshold | packet queue size | timeout value | attack thresho ld | same source IP threshold } is set to <number>.

SYN flood timeout has been set to <number> on <zone> <name_str>.

{ ICMP | UDP } flood alarm threshold has been changed to <number>/second.

Logging of { dropped | IKE | SNMP | ICMP } traffic to self has been { enabled | disabled }.

The SYN flood { alarm threshold | packet queue size | timeout value | attack thr eshold | same source IP threshold } has been set to <number> on <zone> <name_str >.

SYN flood { same destination ip | same source ip } threshold has been set to <nu mber> on <zone> <name_str>.

The SYN-ACK-ACK proxy threshold value has been set to <number> on <interface> <n ame_str>.

Screen service <serv_name> is { enabled | disabled } on <zone> <name_str>.

Screen service <serv_name> is { enabled | disabled } on interface <name_str>.

SYN flood drop pak in xparent mode when receiving unknown dst mac has been enabl ed on <zone> <name_str>.

{ IP sweep | Port scan | UDP flood | ICMP flood | } threshold has been set to <n umber> on <zone> <name_str>.

The session limit threshold has been set to <number> on <zone> <name_str>.

Global Critical (00028) An intruted has attempted to connect to the NetScreen-Global PRO port! From <ip_ addr1>:<port_num1> to <ip_addr2>:15400, using protocol { TCP | UDP | <number> }, at interface <interface>. [ The attack occurred <number> times. ]

Notification (00033) <name_str> { primary | secondary } host has been set to { dom_name | IP_addr }.

<name_str> has been { enabled | disabled }.

<name_str> { primary | secondary } host has been disabled.

User-defined service <serv_name> has been { added | removed } from <name_str> di stribution.

<name_str> timeout value has been returned to the default: 30 seconds.

<name_str> timeout value has been changed to <number> seconds.

Reporting of { the <name_str1> table | <name_str2> alarms | <name_str3> logs } t o <name_str4> has been { enabled | disabled }.

Information (00538) Cannot connect to <name_str> data collector at <ip_addr>.

Device is not known to <name_str> data collector at <ip_addr>.

Lost connection to <name_str> data collector at <ip_addr>.

Connection to <name_str> data collector at <ip_addr> has timed out.

Lost socket connection to <name_str> data collector at <ip_addr>.

Device has connected to the <name_str> { primary | secondary } data collector at <ip_addr>.

Connection to <name_str> data collector at <ip_addr> has been closed.

High Availability HA and NSRP Critical (00015) Configuration out of sync between local unit and remote unit

no HA <string> channel available (<string> used by other channel)

HA { control | data } channel moved from link { up | down } to { up | down } (<i

nterface>)

NSRP link { up | down }.

HA control channel change to <interface>.

HA data channel change to <interface>.

HA change from <string> to <string>.

HA: Slave is down

Critical (00070) NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from inoperable to init

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from ineligible to init

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from { master | primary backup | backup | ineligible | inoperable } to init, force command.

Critical (00071) NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from init to ma ster, missing master

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from backup to master, missing master

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from primary ba ckup to master, missing master

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from { primary backup | backup | ineligible | inoperable } to master, force command.

Critical (00072) NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from init to pr imary backup, missing primary backup

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from backup to primary backup, missing primary backup

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from { backup | ineligible | inoperable } to primary backup, force command.

Critical (00073) NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from init to ba ckup, elected

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from master to backup, { duplicate master | preempt by primary backup }

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from primary ba ckup to backup, duplicate primary backup

NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from { primary backup | ineligible | inoperable } to backup, force command

Critical (00074) NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from { master | primary backup | backup | ineligible | inoperable | init } to ineligible

Critical (00075) NSRP: local unit=<id_num1> of VSD group (<id_num2>) change state from { master | primary backup | backup | ineligible | inoperable | init } to inoperable

Critical (00076) NSRP: local unit=<id_num1> of VSD group (<id_num2>) send 2nd path request to uni t=<id_num3>

Critical (00077) NSRP: local unit=<id_num1> of VSD group (<id_num2>) receive 2nd path request fro m unit=<id_num3> to unit=<id_num4>

HA link disconnect. Begin to use second path of HA

Critical (00079) ARP req, detect duplicate VSD group master <ip_addr> <mac_addr> on interface <in terface>

Notification (00007) NSRP: VSD <id_num> change to { preempt | non-preempt } mode.

VSD heartbeat interval changed from <number1>(msec) to <number2>(msec).

Remove pathname <name_str> (ifnum=<id_num>) as secondary HA path

Change secondary HA path from <name_str1> to <name_str2>.

Set secondary HA path to <name_str> (ifnum=<id_num>)

NSRP: nsrp interface change to <interface>.

Session sync ended by unit=<dev_name>

NSRP encryption password changed.

NSRP authentication password changed.

NSRP: message <string> dropped: invalid encryption password.

RTO mirror group id=<id_num> direction={ in | out } is set

RTO mirror group id=<id_num> is set

RTO mirror group id=<id_num>, direction={ in | out } is unset

RTO mirror group id=<id_num> is unset

RTO mirror group id=<id_num> direction={ in | out } peer=<id_num> from { undefin ed | set | active } to { undefined | set | active } state, { missed heartbeat | group detached }

RTO mirror group id=<id_num1> direction={ in | out } local unit=<id_num2>, dupli cate from unit=<id_num3>

vsd group id=<id_num> is deleted, total number=<number>

vsd group id=<id_num> is created, total number=<number>

vsd group <id_num> local unit priority changed from <number1> to <number2>

HA Slave is { up | down }

HA: ha link { up | down }

HA change state to init

HA: Change state to initial state.

HA: Elected slave, { lower priority | MAC value is larger | master already exist s | detect new master with higher priority | detect new master with smaller MAC value }

HA: Promoted master, command issued from original master to change state

HA: Change to master, command issued from original master to change state

HA: Change state to slave { for tracking ip failed | for linkdown }

HA: Elected master, no other master

HA change group id to <id_num>

HA change priority to <number>

HA { encryption password | authentication password | encryption key | authentica tion key } changed.

Path Monitoring Critical (00062) nsrp track-ip ip <ip_addr> succeed!

IP tracking to <ip_addr> has failed!

HA linkdown

Critical (00063) nsrp track-ip ip <ip_addr> failed!

Critical (00064) track ip fail reaches threshold, system may fail over!

Can not create track-ip list

IKE Alert (00026) IKE <ip_addr> Policy Manager's default CA is used by peer to establish IPSEC VPN .

Notification (00017) IKE key <key_id> has been deleted.

IKE <ip_addr>: Gateway settings have been modified.

P1 proposal <name_str> with { Preshared | RSA-sig | DSA-sig }, DH group { 0 | 1 | 2 | 5 }, ESP { NULL | DES | 3DES | AES128 | AES192 | AES256 }, auth { NULL | M D5 | SHA-1 }, and lifetime <number> has been { added | modified | deleted }.

P2 proposal <name_str> with DH group { 0 | 1 | 2 | 5 }, { AH | ESP }, enc { NULL | DES | 3DES | AES128 | AES192 | AES256 }, auth { NULL | MD5 | SHA-1 }, and lif etime (sec <number>) (kb <number>) has been { added | modified | deleted }.

Information (00536) IKE <ip_addr>: Missing heartbeats have exceeded the threshold. All Phase 1 and 2 SAs have been removed.

IKE <ip_addr> Phase 1: Cert received has a different { IP address | FQDN | UFQDN } SubAltName than expected.

IKE <ip_addr> Phase 1: Cert received has a subject name that does not match the ID payload.

IKE <ip_addr> Phase 1: Cannot use a preshared key because the peer gateway <ip_a ddr> has a dynamic IP address and negotiations are in Main mode.

IKE <ip_addr>: Received incorrect ID payload: ID type mismatch.

IKE <ip_addr> Phase 1: Main mode packet has arrived with ID type { IP address | FQDN | UFQDN | ASN1_DN }, but no user configuration was found for that ID.

IKE <ip_addr> Phase 1: Retransmission limit has been reached.

IKE <ip_addr> Give up phase-2, session id <id_num>

IKE <ip_addr> Phase 1: Completed { Aggressive | Main } mode negotiations with a <number>-second lifetime.

IKE <ip_addr> Phase 1: Discarded a second initial packet, which arrived within 5 seconds after the first.

IKE <ip_addr> Phase 1: { Aggressive | Main } mode negotiations have failed.

IKE <ip_addr> Phase 1: Received an invalid RSA signature.

IKE <ip_addr1> >> <ip_addr2> Phase 1: Initiated negotiations in { Aggressive | M ain } mode.

IKE <ip_addr> Phase 1: Cannot verify { RSA | DSA } signature.

IKE <ip_addr> Phase 1: No private key exists to sign packets.

IKE <ip_addr> Phase 1: { RSA | DSA } private key is needed to sign packets.

IKE <ip_addr> Phase 1: Received an incorrect public key authentication method.

IKE <ip_addr> Phase 1: IKE { initiator | responder } has detected NAT in front o f the { local | remote } device.

IKE <ip_addr> Phase { 1 | 2 }: Aborted negotiations because the time limit has e lapsed.

IKE <ip_addr> Phase { 1 | 2 }: Rejected proposals from peer. Negotiations failed .

IKE <ip_addr> Phase 2: Initiated negotiation.

IKE <ip_addr> Phase 2: Received a message but did not check a policy because idmode is set to IP or policy-checking is disabled.

IKE <ip_addr> Phase 2: No policy exists for the proxy ID received: local ID (<ip _addr>/<mask>, <protocol>, <port_num>) remote ID (<ip_addr>/<mask>, <protocol>, <port_num>).

IKE <ip_addr> Phase 2: Received DH group <value1> instead of expected group <val ue2> for PFS.

IKE <ip_addr> Phase 2 msg-id <number>: Received responder lifetime notification.

IKE <ip_addr> Phase 2: Negotiations have failed. Policy-checking has been disabl ed but multiple VPN policies to the peer exist.

IKE <ip_addr> Phase 2 msg-id <number>: Responded to the first peer message.

IKE <ip_addr> Phase 2 msg-id <number>: Negotiations have failed.

IKE <ip_addr> Phase 2 msg-id <number>: Completed negotiations with SPI <number1> , tunnel ID <number2>, and lifetime <number3> seconds/<number> KB.

IKE <ip_addr>: Dropped packet because remote gateway <name_str> is not used in a ny VPN tunnel configurations.

IKE <ip_addr> Recv TRNXTN_XCHG:payloadtype (<number>)

IKE <ip_addr> rcv incorrect ID payload: (IP address <ip_addr> | FQDN <string1> | UFQDN <string2> | ASN1_DN <string3>), expecting (IP address <ip_addr> | FQDN <s tring4> | UFQDN <string5> | ASN1_DN <string6>).

IKE <ip_addr>: Sent initial contact notification to peer to use new sa.

IKE <ip_addr>: Rejected an initial Phase 1 packet from an unrecognized peer gate way.

IKE <ip_addr> Heartbeats have been lost <number> times.

IKE <ip_addr>: Responded to a packet with a bad SPI after rebooting.

IKE <ip_addr>: Received notify message for DOI <number1> <number2> <string>.

IKE <ip_addr>: Received a bad SPI <spi_num> [ from unknown peer | after rebootin g | <number> times ].

IKE <ip_addr>: Sent initial contact notification message.

IKE <ip_addr>: Added the initial contact task to the task list.

IKE <ip_addr> Initial contact task exist.

IKE <ip_addr>: Added Phase 2 session tasks to the task list.

IKE <ip_addr> Phase 2 negotiation request is already in the task list.

Receive UDP packets from (ip_addr1/port_num1) on <interface> (ip_addr2/port_num2 )

Gateway <name_str> at <ip_addr> in { main | aggressive } mode with ID: { <string > | [none] } has been { added | deleted | modified }.

IKE <ip_addr>: Received initial contact notification and removed Phase { 1 | 2 } SAs.

IKE <ip_addr> Phase 1: Responder starts { Main | Aggressive } mode negotiations.

IKE <ip_addr>: Removed Phase 2 SAs after receiving a notification message.

IKE <ip_addr> Rejected first Phase 1 packet from an unrecognized source.

IKE <ip_addr> Dropped peer packet because no policy uses the peer configuration.

IKE <ip_addr> Heartbeats have been disabled because the peer is not sending them .

IKE <ip_addr>: Changed heartbeat interval to <number>.

Local gateway IP address has changed from 0.0.0.0 to <ip_addr>.

Attempt to set tunnel (<name_str>) without IP address at both end points! Check outgoing interface.

IKE <ip_addr> policy id <id_num> fails over from sa <id_num1> to sa <id_num2>

IKE <ip_addr> new sa <tun_id_num1> is up, try to switch policy <pol_id_num> from <tun_id_num2>

IKE <ip_addr>: A sa <tun_id_num1> with a higher weight replaced the sa <tun_id_n um2> in policy <pol_id_num>.

Interface Notification (00009) IP for interface <interface> has been changed from <ip_addr1> to <ip_addr2>.

Netmask for interface <interface> has been changed from <mask1> to <mask2>.

Manage IP for interface <interface> has been changed from <ip_addr1> to <ip_addr 2>.

Gateway IP for interface <interface> has been changed from <ip_addr1> to <ip_add r2>.

Interface <interface> in <name_str> with IP <ip_addr> <mask> [ tag <number> ] wa s created.

Interface <interface> in <name_str> was removed.

Maximum bandwidth <number1> kbps on interface <interface> is less than total gua ranteed bandwidth <number2> kbps.

The configured bandwidth on the interface <interface> has been changed to <numbe r> kbps.

{ Global PRO | Ident-reset | Ping | SCS | SNMP | SSL | Telnet | Web } has been { enabled | disabled } on interface <interface>

The operational mode for interface <interface> has been changed to { Route | NAT }.

DHCP client has been { enabled | disabled } on interface <interface>

Interface <interface> was unbound from zone <zone>.

Interface <interface1> was bound to zone <zone>.

Secondary IP address <ip_addr>/<mask> was removed from interface <interface>.

Secondary IP address <ip_addr> was added to interface <interface>.

Route between secondary IPs on interface <interface> was { enabled | disabled }.

L2TP Information (00539) Cannot allocate IP addr from Pool <name_str> for user <usr_str>

No IP Pool has been assigned. You cannot allocate an IP address

Dialup HDLC PPP session has successfully established.

Dialup HDLC PPP failed to establish a session: <string>.

PPP settings changed.

Link Status Notification (00513) The physical state of the interface <interface> has changed to { up | down }.

Logs Information (00534) <name_str> has been cleared.

Information (00767) { Alarm | Traffic | Event | Asset recovery | Self } log was reviewed by admin <n ame>.

Log buffer was full and remaining messages were sent to external destination. [ <number> packets were dropped. ]

All logged events or alarms are cleared by admin <name>.

Log setting is modified to { enable | disable } <level> level by admin <name>

MIP Notification (00010) Mapped IP <ip_addr1> <ip_addr2> has been { added | modified | deleted }.

NACN Notification (00033) The NACN protocol has been { enabled | disabled }

NACN Policy Manager { 1 | 2 } s host field has been unset.

NACN Policy Manager { 1 | 2 } s password field has been unset.

NACN Policy Manager { 1 | 2 } s policy-domain field has been unset.

NACN Policy Manager { 1 | 2 } s outgoing interface, used to report NACN to Policy Manager { 1 | 2 }, has not been specified.

NACN Policy Manager {1 | 2 } s port field has been reset to the default value.

NACN Policy Manager { 1 | 2 } s Cert-Subject field has not been specified.

NACN Policy Manager { 1 | 2 } s CA certificate field has not been specified.

NACN Policy Manager { 1 | 2 } s host field has been set to <serv_name>.

NACN Policy Manager { 1 | 2 } s password field has been set.

NACN Policy Manager { 1 | 2 } s policy-domain field has been set to <dom_name>.

NACN Policy Manager {1 | 2 } s outgoing-interface field has been set to <interface >.

NACN Policy Manager {1 | 2 } s port field has been set to <port_num>.

NACN Policy Manager {1 | 2 } s Cert-Subject field has been set to <name_str>.

NACN Policy Manager {1 | 2 } s CA certificate field has been set to <name_str>.

Information (00538) NACN failed to register to Policy Manager <name_str> because of { wrong password | the device does not exist | an invalid IP address | an unknown error }.

NACN failed to register to Policy Manager <name_str> because the connection time d out or aborted unexpectedly.

The NACN protocol has started for Policy Manager { 1 | 2 } on hostname <name_str > IP address <ip_addr> port <port_num>.

OSPF Critical (00202) <id_num> hello-packet flood from neighbor (ip = <ip_addr>, router-id = <id_num2> ) on interface <interface>, packet is dropped

Critical (00203) <id_num> lsa flood on interface <interface> has dropped a packet.

Notification (00038) { Set | Unset } vrouter <vrouter> protocol ospf <string>

{ Set | Unset } vrouter <vrouter> <string>

OSPF routing instance in vrouter <vrouter> is created.

ospf instance in vrouter <vrouter> is deleted.

vrouter <vrouter> was { set | unset }.

Notification (00041) A route-map entry with sequence number <number1> in route map <name_str> in virt ual router <vrouter> has been removed

A route-map <name_str> in virtual router <vrouter> has been removed

A route-map entry with sequence-number <number> in route-map <name_str> in virtu al router <vrouter> has been created

Notification (00044) access list <id_num> sequence number <number> permit | deny ip <ip_addr>/<mask> deleted in vrouter <vrouter>

access list <id_num> deleted in vrouter <vrouter>

access list <id_num> created in vrouter <vrouter>.

access list <id_num> sequence number <number> permit | deny ip <ip_addr>/<mask> created in vrouter <vrouter>

Information (00541) <id_num1> NBR change, rtid <id_num2> <ip_addr> state = <string>

PKI Critical (00025) PKI: The current device failed to save the { certificate authority configuration | key }.

Failed to { locate | delete } the key.

PKI: The device failed to save the key object.

PKI: The device failed to save the DSA/RSA key.

PKI: The device cannot load the X.509 object into the flash file <filename>.

PKI: The device has no memory to load PKI objects, filename <filename>.

PKI: The device cannot load X.509 {certificate | CRL}, filename <filename>.

PKI: The device has no memory to generate PKCS10 data.

PKI: The device failed to generate PKCS10 data.

PKI: The device failed to generate the certificate request file in PKCS10 format .

PKI: The device failed to send the PKCS10 certificate request file via email.

PKI: The device failed to send an X.509 certificate request in PKCS10 format.

PKI: The device has detected zero DSA/RSA key length input. Use 1024 bits defaul t.

PKI: The device failed to save the { RSA | DSA } key.

PKI: The device failed to generate a certificate request.

PKI: The device cannot generate a certificate request because there is no contro

l data.

PKI: The device cannot locate the keypair with id <id_num> to generate certifica te request.

PKI: The device cannot find the RSA/DSA key pair to generate certificate request .

PKI: The device cannot find the subject DN to generate certificate request.

PKI: The device cannot decode the public key of certificate <name_str>.

Notification (00030) X509 certificate with subject name <name_str> is deleted.

PKI: A configurable item DN s { Name | phone | e-mail | country | state | county/lo cality | organization | unit/department | IP address | e-mail to } field has chan ged from { <string1> to none | none to <string2> | <string1> to <string2> }.

PKI: A configurable item raw CN setting disabled to enabled }.

field has changed from { enabled

to

disabled |

PKI: A configurable item default certificate validation level field has changed fr om { full to partial | partial to full }.

PKI: A configurable item certificate FQDN field has changed from 2> .

<string1>

to <string

PKI: A configurable item default LDAP server name field has changed from { 1> to <ip_addr2> | <dom_name1> to <dom_name2> }.

<ip_addr

PKI: A configurable item 1> to <string2> .

default LDAP server CRL URL

field has changed from <string

PKI: A configurable item e-mail address to send certificate request ged from <number1> to <number2> .

field has chan

PKI: A configurable item er1> to <number2> .

default CRL Refresh Frequency

field has changed from

<numb

PKI: A configurable item o <string2> .

SCEP s { CA | RA } CGI URL

field has changed from <string1>

PKI: A configurable item SCEP s { CA IDENT | challenge password } from <name_str1> to <name_str2> .

field has changed

PKI: A configurable item to 0 }.

CRL s signature verification field has changed from {

to

1 |

PKI: The device failed to store the authority configuration.

create new authcfg for CA <id_num>

PKI: NSRP cold sync start for total of <number> items.

PKI: NSRP sync received cold sync item <number1> out of order, expect <number2> of <total_number>.

PKI: NSRP sync received cold sync item <number> without first item.

PKI: NSRP sync received normal item during cold sync.

PKI: The X.509 { certificate | certificate revocation list } cannot be loaded du ring NSRP synchronization.

PKI: The certificate revocation list has expired, issued by certificate authorit y <name_str>.

PKI: The { file name | friendly name of a certificate | vsys name } is too long <number1> to do NSRP synchronization, allowed <number2>.

PKI: The NSRP high availability synchronization <cmd_id> failed.

PKI: The device failed to coldsync the PKI object at <number> attempt.

PKI: The device completed the coldsync of the PKI object at <%d> attempt.

PKI: A configurable item SCEP mode has changed [ from <string1> to <string2> | f rom none to <string1> | from <string1> to none ].

PKI: X.509 { certificate | CRL } file has been loaded successfully, filename <fi lename>.

PKI: The RSA key length has changed from { 512 | 768 | 1024 | 2048 } to { 512 | 768 | 1024 | 2048 }.

PKI: The X.509 certificate for the ScreenOS image authentication is invalid.

PKI: The device failed to decode the public key of the image s signer certificate.

PKI: The signature of the image s signer certificate cannot be verified.

PKI: The public key of image s signer has been loaded successfully, for future ima ge authentication.

PKI: The device successfully generated a new { RSA | DSA } key pair.

PKI CRL: no revoke info, accept per config, DN <name_str>.

PKI: no cert revocation check per config, DN <name_str>.

PKI: The device could not generate { RSA | DSA } key pair.

PKI: The device cannot load the CA certificate received through SCEP.

PKI: The device cannot load the X.509 local certificate received through SCEP.

PKI: The X.509 local certificate cannot be sync to vsd member.

PKI: The certificate <name_str> will expire, please renew.

PKI: The certificate <name_str> will expire, auto renew.

PKI: The device cannot load a certificate pending SCEP completion.

upgrade to 4.0, copy authcfg from global.

PKI: The device is loading the version 0 PKI data.

PKI: The device has failed to load an invalid X.509 object.

PKI: The device has detected invalid X.509 object content.

PKI: The device cannot load the X.509 { certificate | certificate revocation lis t } during boot.

PKI: The device cannot extract the X.509 certificate revocation list.

PKI: The device detected an invalid RSA key.

PKI: The device failed to install the RSA key.

PKI: The device detected an invalid digital signature algorithm (DSA) key.

PKI: failed to install DSA key.

PKI: The configuration content of certificate authority <name_str> is not valid.

PKI: The device failed to save the certificate authority related configuration.

PKI: The device has detected an invalid X.509 object attribute <number>.

PKI: The device cannot find the PKI object <id_num> during cold sync.

PKI: The device failed to remove existing authority configuration when nsrp sync .

PKI: The device cannot load the X.509 certificate file.

PKI: The device cannot load the X.509 certificate revocation list during boot.

PKI: The device cannot load the X.509 certificate revocation list (CRL) from the file.

PKI: The device cannot extract the X.509 certificate revocation list [ (CRL) ].

PKI: Upgrade from earlier version, save to file.

PKI: no nsrp sync for pre 2.5 objects.

PKI: The device cannot load X.509 certificate onto the device, certificate <name _str>.

PKI: The device failed to synchronize DSA/RSA key pair to NSRP peer.

PKI: no FQDN available when requesting certificate.

loadCert: Cannot acquire authcfg for this CA cert <name_str>.

PKI: The device failed to synchronize new DSA/RSA key pair to NSRP peer.

PKI: The device cannot load an X.509 certificate revocation list (CRL).

PKI: The device failed to retrieve the pending certificate <name_str>.

PKI: The device cannot allocate this object id number <id_num>.

PKI: X.509 certificate has been deleted, distinguished name <name_str>.

PKI: The CRL <id_num> is deleted.

Information (00535) PKI: The current device cannot retrieve the certificate revocation list using th e HTTP protocol.

PKI: The current device cannot successfully enroll a certificate using the SCEP & HTTP protocol.

PKI Verify Error: <id_num>:<text_str>

PKI: The device cannot create the X.509 object database table.

PKI: The device has disabled the SCEP renewal process.

PKI: The number of the X.509 object entries exceeds the limit for the platform. The maximum allowed is <number>.

PKI: The size of the CRL is too big to save to flash. Maximum <number> bytes.

PKI: X.509 local certificate is not valid, certificate <name>.

PKI: When building a certificate chain, the certificate at the top of the untrus ted chain is not issued by the designated certificate authority.

PKI: The subject name of the received CA certificate is <name_str>.

PKI: The correct CA certificate should have subject name <name_str>.

PKI: The device cannot allocate memory to request an X.509 certificate.

PKI: The device has received PKI error message <string>.

PKI: The device has changed the SCEP renewal interval to <number> days

PKI: The device has changed the SCEP polling interval from <number1> to <number2 >.

PKI: The distinguished name <name_str> for certificate request is invalid.

PKI: The device has detected invalid input parameters.

PKI: The keypair for certificate request is invalid.

PKI: The device cannot allocate memory for the challenge password during a certi ficate request.

PKI: The device cannot allocate memory for X.509 extensions during a certificate request.

PKI: The device cannot sign the X.509 request.

PKI: The device cannot allocate memory to store keypair in certificate request.

PKI: The device has generated a certificate request in PKCS10 format.

Need X509_REQ.

No memory to store certificate request.

PKI: The device failed to convert the certificate request into a DER formatted f ile.

PKI: The device failed to encode the certificate request into DER format.

PKI: The device has no memory to store PKCS7 content data when requesting a cert ificate.

PKI: The device has no memory to store the certificate issuer name.

X509 certificate database is full.

PKI: The device has no memory to store PKCS7 content data when requesting a cert ificate.

PKI: The device cannot generate a self-signed X.509 certificate <name_str>.

PKI: The device failed to set type of PKCS7 outer envelope.

PKI: The device failed to add a signature to the PKCS7 outer envelope.

PKI: The device cannot encrypt the SCEP content data in an inner PKCS7 envelope.

PKI: The device failed to set the type of inner PKCS7 envelope.

PKI: The device failed to create an inner PKCS7 envelope.

PKI: The device cannot sign the SCEP request in outer PKCS7 envelope.

PKI: The device cannot encrypt the data in outer PKCS7 envelope.

PKI: The device failed to create an outer PKCS7 envelope.

PKI: The SCEP certificate request has been completed successfully.

PKI: The device cannot decode SCEP content data in PKCS7 envelope.

PKI: The device cannot decode the inner PKCS7 envelope.

PKI: The device received zero length SCEP content data.

PKI: The device cannot decode an outer PKCS7 envelope of SCEP content data.

PKI: The device received empty SCEP content data.

PKI: The device cannot decrypt SCEP data in outer PKCS7 envelope.

PKI: The device has a bad SCEP key pair.

PKI: The device failed to process an SCEP response.

PKI: The device received a SCEP_FAILURE message from the CA.

PKI: finger print of CA certificate rejected. DN <name_str>

PKI: Empty certificate descriptor file.

PKI: The device cannot verify the signature on CRL. Accept the CRL anyway as con figured.

PKI: The device cannot create a state for SCEP operation.

failed to create PLDAP_STATE instance

PKI: The device found the X.509 certificate in the local trust store, abort cert ificate request.

PPPoE Notification (00034) PPPoE is { enabled | disabled } on <interface> interface

The Point-to-Point Protocol over Ethernet (PPPoE) protocol settings changed

PPPoE Settings changed

PPPoE s session closed by AC

AC <name_str> is advertising URL <string>

Message from AC <name_str>: <string>

Information (00537) PPPoE session starts to negotiate

PPPoE session has successfully established

The point-to-point over Ethernet (PPPoE) connection failed to establish a sessio n: {PADI | PADR} timeout

The Point-to-Point over Ethernet (PPPoE) connection failed to establish a sessio n: no IP address assigned

PPPoE failed to establish a session: { Service Name Error Tag | AC System Error Tag | Generic Error Tag } received

PPPoE failed to establish a session: LCP, CHAP/PAP, IPCP link setup

The point-to-point over Ethernet (PPPoE) connection failed to establish a sessio n: <string> received

PPPoE session shuts down: by user

PPPoE session shuts down: idle timeout

PPPoE session shuts down: PPPoE disabled

PPPoE session shuts down: System reset

Policies Notification (00018) Policy (<id_num>, { <zone1> -> <zone2> | global }, <src_addr> -> <dst_addr>, <sv c_name>, { permit | deny | tunnel }) was { added | modified | deleted | enabled | disabled } by admin <name_str>

Policy <id_num1> has been moved { before | after } <id_num2> by admin <name_str>

Policy (<id_num>, global, <src_addr> -> <dst_addr>, <svc_name>, { permit | deny | tunnel }) was added

Device s default policy has been changed from { enabled | disabled } to { disabled | enabled } by admin <name_str>

Routes Critical (00200) A new route cannot be added to the device because the maximum number of system r oute entries <number> has been exceeded

Critical (00201) A route <ip_addr>/<mask> cannot be added to the virtual router <vrouter> because the number of route entries in the virtual router exceeds the maximum number of

routes <number> allowed

Notification (00011) Route(s) in virtual router <vrouter> with an IP address <ip_addr>/<mask> and gat eway <ip_addr> has been deleted

A route in virtual router <vrouter> that has IP address <ip_addr>/<mask> through interface <interface> and gateway <ip_addr> with metric <number> has been creat ed

A route has been created in virtual router <vrouter1> with an IP address <ip_add r>/<mask> and next-hop as virtual router <vrouter2>

An import | export rule in virtual router <vrouter1> to virtual router <vrouter2 > with IP-prefix <<ip_addr>/<mask> has been created | removed

An import | export rule in virtual router <vrouter1> to virtual router <vrouter2 > with route-map <id_num> and protocol <name_str> has been created | removed

A sharable virtual router using name <vrouter> and id <id_num> has been created

The auto-route-export feature in virtual router <vrouter> has been enabled

The maximum number of routes that can be created in virtual router <vrouter> is <number>

The router-id that can be used by OSPF, BGP routing instances in virtual router <vrouter> has been set to <id_num>

The routing preference for protocol <name_str> in virtual router <vrouter> has b

een set to <number>

The virtual router <vrouter> has been made default virtual router for virtual sy stem <name_str>

The virtual router <vrouter> has been made sharable

The system default-route through virtual router <vrouter1> has been added in vir tual router <vrouter2>

The auto-route-export feature in virtual router <vrouter> has been disabled

The maximum routes limit in virtual router <vrouter> has been removed

The router-id of virtual router <vrouter> used by OSPF, BGP routing instances id has been uninitialized

The routing preference for protocol <name_str> in virtual router <vrouter> has b een reset

The virtual router <vrouter> has been made unsharable

The system default-route in virtual router <vrouter> has been removed

The virtual router <vrouter> has been made sharable

A virtual router with name <vrouter> and id <id_num> has been removed

Schedule Notification (00020) Schedule <name_str> has been { added | modified | deleted }.

SCS Critical (00034) SCS: NetScreen device failed to identify itself to the SSH client at <ip_addr>:< port_num>.

SCS: NetScreen device failed to authenticate the SSH client at <ip_addr>:<port_n um>.

SCS: Incompatible SSH version <version_string> has been received from the SSH cl ient at <ip_addr>:<port_num>.

SCS: Unable to validate cookie from the SSH client at <ip_addr>:<port_num>.

SCS: Failed to retrieve PKA key bound to SSH user <user_name>. (Key ID=<id_num>)

SCS: Failed to { bind | unbind } PKA key { to | from } SSH user <user_name>. (Ke y ID=<id_num>)

SCS: NetScreen device failed to generate a PKA RSA challenge for SSH user <user_ name> at <ip_addr>:<port_num>. (Key ID=<id_num>)

SCS: Failed to send identification string to client host at <ip_addr>:<port_num> .

SCS: Failed to retrieve host key

SCS: Failed to remove PKA key removed.

SCS: FIPS self test failed

SCS: Unable to perform FIPS self test

Error (00034) SCS: Unsupported cipher type <name_str> requested from: <ip_addr>:<port_num>

SCS: Maximum number for SCS sessions <number> has been reached. Connection reque st from SSH user at <ip_addr>:<port_num> has been denied.

SCS: SSH client at <ip_addr>:<port_num> has failed to make an SCS connection to vsys <name_str> because SCS cannot generate the host and server keys before timi ng out.

SCS: SSH user <user_name> at <ip_addr>:<port_num> has failed the PKA RSA challen ge.

Warning (00034) SCS: SCS has been { enabled | disabled } for <name_str> with <number> existing P KA keys already bound to <number> SSH users.

SCS: SSH user <name> at <ip_addr>:<port_num> has requested password authenticati on, which is not enabled for that user.

SCS: SSH user <name> at <ip_addr>:<port_num> has requested PKA RSA authenticatio

n, which is not supported for that client.

SCS: SSH user <name> at <ip_addr>:<port_num> has unsuccessfully attempted to log in via SCS to <name_str> using the shared untrusted interface because SCS is di sabled on that interface.

SCS: Max <number> sessions reached, unabel to accept connection : <ip_addr>:<por t_num>

SCS: Disabled for <name_str>. Attempted connection failed from <ip_addr>:<port_n um>

SCS: SSH user <user_name> at <ip_addr>:<port_num> cannot log in via SCS to <name _str> using the shared untrusted interface because SCS is disabled.

SCS: SSH client at <ip_addr1> has attempted to make an SCS connection to interfa ce <interface> with IP <ip_addr2> but failed because SCS is not enabled for that interface.

SCS: SSH client at <ip_addr>:<port_num> has attempted to make an SCS connection to vsys <name_str> but failed because SCS was not completely initialized for tha t system.

Notification (00026) SCS: Host client has requested NO cipher from <name_str>

SCS: SCS has been { enabled | disabled } for { <name_str> | root system }.

SCS: Key regeneration interval has been changed from <number1> to <number2>.

SCS: SSH user <usr_str> has been authenticated using password from <ip_addr>:<po rt_num>.

SCS: SSH user <usr_str> has been authenticated using PKA RSA from <ip_addr>:<por t_num>. (key-ID=<key_id_num>

SCS: PKA key has been { bound to | unbound from } admin user <user_name>. (Key I D = <id_num>)

SCS: Connection has been terminated for admin user <name_str> at <ip_addr>:<port _num>

Services Notification (00012) Service <serv_name> has been { added | modified | deleted }

Service group <grp_name> has been { added | deleted | modified}

Service group <grp_name> has { added member <serv_name> | deleted member }

Service group <grp_name> comments have been modified.

Service group <grp_name1> group name has been changed to <grp_name2>.

SNMP Critical (00027) SNMP listen port has been restored from <port_num> to default port 161. This cha nge goes into effect in three seconds.

SNMP listen port has been changed from <port_num1> to <port_num2>. This change g

oes into effect in three seconds.

Notification (00002) SNMP trap port has been changed from <port_num1> to port <port_num2>. This chang e goes into effect in three seconds.

SNMP listen port has been restored from <port_num> to default port 161. This cha nge goes into effect in three seconds.

SNMP listen port has been changed from <port_num1> to <port_num2>. This change g oes into effect in three seconds.

SNMP trap port has been restored from <port_num> to default port 162.

Notification (00031) SNMP VPN has been { enabled | disabled }.

SNMP AuthenTraps have been { enabled | disabled }.

SNMP { contact | location } description has been modified.

SNMP community <name_str> attributes write access, { yes | no }; receive traps, { yes | no }; receive traffic alarms, { yes | no } have been modified.

SNMP host <ip_addr> has been { added to | removed from } SNMP community <name_st r>.

Information (00524) SNMP request from <ip_addr1>:<port_num> to <ip_addr2>:<port_num> has been receiv ed, but the SNMP version type is incorrect.

Response to SNMP request from <ip_addr1>:<port_num1> to <ip_addr2>:<port_num2> h as failed due to a coding error.

SNMP request from an unknown SNMP community <name_str> at <ip_addr1>:<port_num1> to <ip_addr2>:<port_num2> has been received.

NetScreen device at <ip_addr1>:<port_num1> has responded successfully to SNMP re quest from <ip_addr2>:<port_num2>.

SNMP community <name_str> cannot be added because the community list is full.

SNMP host <ip_addr> cannot be added because community <name_str> is full.

SNMP host <ip_addr> cannot be added to community <name_str> because of an IP add ress conflict.

SNMP host <ip_addr> cannot be removed from community <name_str> because host can not be found.

SNMP request has been received from an unknown host in SNMP community <name_str> at <ip_addr1>:<port_num1> to <ip_addr2>:<port_num2>.

SNMP request has been received from host <ip_addr1>:<port_num1> with read-only p rivileges to <ip_addr2>:<port_num2>.

SNMP request has been received from host <ip_addr1>:<port_num1> without read pri vileges to <ip_addr2>:<port_num2>.

SNMP request has been received, but no SNMP community has been configured.

Software Key Notification (00036) An optional ScreenOS feature has been activated via a software key.

SSL Notification (00035) SSL No ssl context. Not ready for connections.

SSL enabled | disabled

SSL memory allocation fails in process_ca()

SSL memory allocation fails in process_cert()

SSL ssl context init failed

SSL no ssl cert

SSL set | verify cert failed. Key type is not RSA

PKI Verify Error: <id_num>:<string>

SSL Error when retrieve local ca(verify): <number>

SSL Error when retrieve local cert(verify | all): <number>

SSL - Error ID in incoming mail - <id_num>

SSL certificate changed

SSL cert changed to none

SSL set cert id is invalid<id_num>

SSL - cipher type <string> is not allowed in export or firewall only system

SSL ca changed to none

SSL no ssl ca

SSL CA changed

SSL set ca id is invalid<id_num>

SSL cert subject mismatch: <string1> recieved, <string2> is expected

Web SSL cipher changed from <name_str1> to <name_str2>

SSL cipher changed from <name_str1> to <name_str2>

Web SSL Port changed from <port_num1> to <port_num2>

Syslog Notification (00019) Attempt to enable { syslog | traffic logging via syslog } has failed because sys log settings have not yet been configured.

{ Syslog | Traffic logging via syslog } has been { enabled | disabled }.

Syslog VPN encryption has been { enabled | disabled }.

Syslog host { IP | domain name | port number } has been changed to { <ip_addr> | <domain_name> | <port_num> }.

Syslog { facility | security facility } has been changed to { local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | auth/sec }.

Socket cannot be assigned for syslog.

WebTrends Notification (00019) Attempt to enable WebTrends has failed because WebTrends settings have not yet b een configured.

WebTrends has been { enabled | disabled }.

WebTrends VPN encryption has been { enabled | disabled }.

WebTrends host { IP | domain name | port number } has been changed to { <ip_addr > | <dom_name> | <port_num> }.

Socket cannot be assigned for WebTrends.

System Critical (00020) System memory is low: <number1> bytes allocated out of <number2> bytes total.

System memory is low (<number1> allocated out of <number2>) <number3> times in 1 minute

Traffic Shaping (00028) traffic shaping is turned { ON | OFF }

Users Information (00526) The user limit has been exceeded and <ip_addr> cannot be added.

VIP Critical (00023) VIP/load balance server <ip_addr> cannot be contacted

VIP server <ip_addr> cannot be contacted

Notification (00016) Address VIP (<ip_addr1>) for <ip_addr2> has been { added | modified | deleted }.

VIP multi-port was { enabled | disabled }

Information (00533) VIP/ load balance server <ip_addr> now alive.

VIP server <ip_addr> now alive.

VIP/load balance server <ip_addr> is in manual mode

VIP server <ip_addr> is in manual mode

Virtual Systems Notification (00032) Vsys <name_str> has been created

Vsys <name_str> ID has been changed from <id_num1> to <id_num2>

Vsys <name_str1> has been changed to <name_str2>.

Vsys <name_str> has been deleted

NSRP VSD group ID for vsys <name_str> has been changed from <id_num1> to <id_num 2>

VLANs Notification (00009) VLAN tag <number> has been { created | deleted }

The 802.1Q tag for interface <interface> has been removed

The 802.1Q tag for interface <interface> has been changed to <number> from <numb er>

802.1Q VLAN trunking for interface <interface> has been turned { on | off }

VPNs Critical (00026) Replay packets have been detected! From <ip_addr>:<port_num> to <ip_addr>:<port_ num>, using protocol { 50 | 51 }, on interface <interface>. [ The attack occurre d <number> times.]

Notification (00017) vpnmonitor interval is unset.

vpnmonitor threshold is unset.

VPN monitoring for VPN <name_str> has been { enabled | disabled }

vpnmonitor interval is set to <number>

vpnmonitor threshold is set to <number>

The DF-BIT for VPN <name_str> has been set to { clear | set | copy }.

VPN <name_str> with gateway <name_str2>, { no-rekey | rekey }, and p2-proposal < name> has been { added | modified | deleted }.

VPN <name_str> with gateway <ip_addr> and SPI <hex_num1>/<hex_num2> has been { a dded | modified | deleted }.

IPSec NAT-T for VPN <name_str> has been { enabled | disabled }.

IP pool <name_str> with range <ip_addr1>-<ip_addr2> has been created

IP pool <name_str> with range <ip_addr1>-<ip_addr2> has been deleted

IP pool <name_str> with range <ip_addr1>-<ip_addr2> was removed

No IP pool has been assigned. You cannot allocate an IP address.

Information (00536) Receive UDP packets from <ip_addr1>/<port_num1> on interface <interface> <ip_add r2>/<port_num2>

VPN ID number cannot be assigned.

Zones Notification (00037) New zone <zone> (id: <id_num>) was created.

Zone <zone> (id: <id_num>) was deleted.

Zone <zone> was bound to virtual router <vrouter>.

Zone <zone> was unbound from virtual router <vrouter>.

Intra-zone block for zone <zone> was set to { on | off }.

Tunnel zone <zone1> was bound to out zone <zone2>.

Zone <zone> was changed to non-shared.

Copyright 2002 NetScreen Technologies, Inc. All rights reserved.