 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
This chapter describes messages with the KMD prefix. They are generated by the key management process (kmd), which provides IP Security (IPSec) authentication services for encryption Physical Interface Cards (PICs).
Unable to allocate logical interface for IPSec interface from pool pool-name: pool not found
The key management process (kmd) maintains pools of logical interfaces for assignment to IP Security (IPSec) interfaces. It could not allocate a logical interface, because it could not access the indicated pool.
Error: An error occurred
error
Unable to return logical interface interface-name.interface-unit to pool pool-name: no entry in pool for interface
The key management process (kmd) maintains pools of logical interfaces for assignment to IP Security (IPSec) interfaces. It could not return the indicated logical interface to the indicated pool, because there was no entry for the interface in the pool.
Error: An error occurred
error
Unable to allocate logical interface for IPSec interface from pool pool-name: no interfaces available
The key management process (kmd) maintains pools of logical interfaces for assignment to IP Security (IPSec) interfaces. It could not allocate a logical interface, because none were available in the indicated pool.
Error: An error occurred
error
Unable to return logical interface to pool pool-name: pool not found
The key management process (kmd) maintains pools of logical interfaces for assignment to IP Security (IPSec) interfaces. It could not return a logical interface to the indicated pool, because it could not access the pool.
Error: An error occurred
error
Tunnel tunnel-name did not fail over: it is manual type
An IP Security (IPSec) tunnel normally fails over to its backup when the key management process (kmd) detects a dead peer. Failover was not attempted for the indicated tunnel, which is configured as a manual type and so does not support failover.
Error: An error occurred
error
Number of failover attempts exceeded limit count for tunnel tunnel-name
An IP Security (IPSec) tunnel fails over to its backup when the key management process (kmd) detects a dead peer. The key management process (kmd) stopped making failover attempts for the indicated tunnel, because the number of attempts exceeded the indicated limit configured for Internet Key Exchange (IKE) Phase 1 negotiations.
Error: An error occurred
error
Failover attempts can fail repeatedly if both the primary and backup peers are unreachable during the failover.
Tunnel tunnel-name did not fail over: no active peer configured
An IP Security (IPSec) tunnel normally fails over to its backup when the key management process (kmd) detects a dead peer. Failover was not attempted because the configuration for the indicated tunnel does not include information about an active peer.
Error: An error occurred
error
Tunnel tunnel-name did not fail over: no backup peer configured
An IP Security (IPSec) tunnel normally fails over to its backup when the key management process (kmd) detects a dead peer. A failover attempt failed when the kmd process found that the configuration for the indicated tunnel does not include information about a backup peer.
Error: An error occurred
error
Tunnel did not fail over: tunnel configuration not found
An IP Security (IPSec) tunnel normally fails over to its backup when the key management process (kmd) detects a dead peer. Failover was not attempted because there was no configuration information for the tunnel.
Error: An error occurred
error
Unable to send DPD reply to remote peer remote-address:remote-port: no IKE server instance for local peer local-address:local-port
The key management process (kmd) could not retrieve the Internet Key Exchange (IKE) server instance referenced by the indicated local peer (address and port), so it could not reply to the indicated remote peer (address and port) from the local peer.
Error: An error occurred
error
Unable to send DPD reply: local peer local-address; remote peer remote-address
One of the indicated peer addresses (local or remote) was invalid, so the key management process (kmd) could not send a dead peer detection (DPD) reply to the remote peer.
Error: An error occurred
error
Unable to send DPD reply: remote peer remote-address:remote-port provided invalid zero sequence number to local peer local-address:local-port
The indicated remote peer (address and port) provided a zero sequence number, which is invalid, to the indicated local peer (address and port). As a result, the key management process (kmd) could not send a dead peer detection (DPD) reply to the remote peer.
Error: An error occurred
error
Unable to send DPD hello message from local peer local-address/local-port: address not found in instance service-set
The indicated service set did not include an entry for the indicated local peer (address and port), so the key management process (kmd) could not send a dead peer detection (DPD) hello message from that peer.
Error: An error occurred
error
Remote peer address for tunnel tunnel-name changed from old-address to new-address
The remote peer address in the configuration for the indicated tunnel changed to a new value as indicated.
Event: This message reports an event, not an error
notice
Unable to send DPD reply: DPD entry for remote peer remote-address:remote-port not found in IKE server instance service-set
The Internet Key Exchange (IKE) server instance for the indicated service set did not include an entry for the indicated remote peer (address and port), so the key management process (kmd) could not send a dead peer detection (DPD) reply.
Error: An error occurred
error
DPD reply to remote peer remote-address:remote-port failed with unexpected status status for IKE server instance ike-instance
A dead peer detection (DPD) reply sent to the indicated remote peer (address and port) failed and returned the indicated Internet Key Exchange (IKE) status code for the indicated IKE instance.
Error: An error occurred
error
Invalid authentication algorithm auth-algorithm-id negotiated in transform transform-id for use by protocol-name in tunnel tunnel-name
During Internet Key Exchange (IKE) Phase 2 negotiation of the indicated transform, the indicated authentication algorithm was chosen to be used by the indicated protocol (Authentication Header [AH] or Encapsulating Security Payload [ESP]) for the indicated tunnel. The algorithm is not a valid value, so the associated security association (SA) was not established.
Error: An error occurred
error
Duplicate SA life duration value given in Quick Mode notification from remote-address:remote-port
The IKE Quick Mode notification message from the indicated remote gateway and remote port contains duplicate value for life duration. Hence Quick Mode notification payload is dropped.
Error: An error occurred
error
Unable to install dynamic SA for tunnel tunnel-name
Installation of a dynamic security association (SA) failed for the indicated tunnel during Internet Key Exchange (IKE) Phase 2.
Error: An error occurred
error
Invalid encryption algorithm negotiated in transform transform-id for use by ESP in tunnel tunnel-name
During Internet Key Exchange (IKE) Phase 2 negotiation of the indicated transform, an encryption algorithm was chosen to be used by the Encapsulating Security Payload (ESP) protocol for the indicated tunnel. The algorithm is not a valid value, so the associated security association (SA) was not installed to the data path.
Error: An error occurred
error
No IKE server to connect Phase-1 to remote-peer
The IKE Phase-1 negotiation with indicated remote gateway address failed because there is no corresponding IKE server running locally.
Error: An error occurred
error
Failed to connect to remote-address:remote-port as there is no IKE server context available in instance service-set
There is no local IKE server context in the indicated service set, hence failed to send the SPI delete notification request.
Error: An error occurred
error
Local peer local-address:local-port could not inform remote peer remote-address:remote-port of SA creation failure: IKE server not found
The key management process (kmd) could not connect to the indicated remote peer (address and port), because it could not locate a Internet Key Exchange (IKE) server for the indicated local peer (address and port). As a result, it could not notify the remote peer that a security association (SA) was not created.
Error: An error occurred
error
Unable to notify remote peer remote-address:remote-port that SPI was deleted: no IKE server for service set service-set
The indicated service set did not have a local Internet Key Exchange (IKE) server context for the indicated remote peer (address and port). As a result, notification about deletion of a security parameter index (SPI) was not sent.
Error: An error occurred
error
Aborting Phase-1 negotiation. Cannot initiate negotiation with invalid Phase-1 remote remote-peer in instance: service-set
The specified remote gateway identity is neither an IPv4 address nor an IPv6 address. Hence Phase-1 negotiation can not be started
Error: An error occurred
error
Inconsistent phase-2 (IPsec) identities, local : initiator = local-initiator responder = local-responder remote : initiator = remote-initiator responder = remote-responder
Initiator and responder identities at the local end are inconsistent with the remote peer's identities. Quick Mode negotiation is aborted.
Error: An error occurred
error
Invalid life type units-type found in the Quick Mode notification from remote-address:remote-port
The IKE Quick Mode notification message from the indicated remote gateway and remote port contains invalid life type. Second and Kilobytes are the only supported life types currently. Hence Quick Mode notification payload is dropped.
Error: An error occurred
error
Key type type not supported
The key management process (kmd) retrieved a key of the indicated type during Internet Key Exchange (IKE) Phase 1. The key type is not one of the supported types, which are public/private and preshared.
Error: An error occurred
error
Phase 2 lifetime notification message from remote peer remote-address:remote-port specified duplicate duration
During Internet Key Exchange (IKE) Phase 2 negotiation, the indicated remote peer (address and port) sent a lifetime notification message that specified a duplicate value for the security association (SA) lifetime duration. As a result, the key management process (kmd) discarded the notification message.
Error: An error occurred
error
Phase 2 lifetime notification message from remote peer remote-address:remote-port had unequal payload length
During Internet Key Exchange (IKE) Phase 2 negotiation, the indicated remote peer (address and port) sent a lifetime notification message with an unequal payload length. As a result, the key management process (kmd) discarded the notification message.
Error: An error occurred
error
Phase 2 lifetime notification message from remote peer remote-address:remote-port did not define duration
During Internet Key Exchange (IKE) Phase 2 negotiation, the indicated remote peer (address and port) sent a lifetime notification message that did not specify a duration for the security association (SA) lifetime. As a result, the key management process (kmd) discarded the notification message.
Error: An error occurred
error
Phase 2 lifetime notification message from remote peer remote-address:remote-port did not specify life type
During Internet Key Exchange (IKE) Phase 2 negotiation, the indicated remote peer (address and port) sent a lifetime notification message that did not specify a life type, making it impossible to determine the lifetime duration for the corresponding security association (SA). As a result, the key management process (kmd) discarded the notification message.
Error: An error occurred
error
Phase 2 lifetime notification message from remote peer remote-address:remote-port specified invalid units type units-type
During Internet Key Exchange (IKE) Phase 2 negotiation, the indicated remote peer (address and port) sent a lifetime notification message that specified the indicated type of units for the security association (SA) lifetime. The type is invalid (the acceptable units are seconds and kilobytes). As a result, the key management process (kmd) discarded the notification message.
Error: An error occurred
error
New Group mode not supported
Internet Key Exchange (IKE) New Group mode is not supported, so an attempt to start New Group negotiation failed.
Error: An error occurred
error
Duplicate life time payloads present in the notification from remote-address:remote-port. Dropping the notification.
The IKE Quick Mode notification message from the indicated remote gateway and remote port contains two life type fields and there is no life duration field. Quick Mode notification is being dropped since it has insufficient information about life duration.
Error: An error occurred
error
Quick mode notification from remote-address:remote-port contains lifetime duration without corresponding SA lifetime payload.
The IKE Quick Mode notification message from the indicated remote gateway and remote port does not contain life type, hence existing life duration cannot be interpreted to be of a particular life type. Quick Mode notification payload is dropped.
Error: An error occurred
error
Aborting Phase-1negotiation. No proposal found to initiatenegotiation between local:local-peer and remote remote-peer in instance:service-set
It is not possible to start the Phase-1 negotiation to the indicated remote gateway because there is no proposal present.
Error: An error occurred
error
Phase-1 SPD handler is not registered in instance:service-set
Phase-1 negotiation can not be initiated as initialization function failed.
Error: An error occurred
error
Policy lookup for Phase-1 [negotiation-role] failed for p1_local=local-peer p1_remote=remote-peer
The IKE Phase-1 negotiation with the indicated remote gateway address failed because there is no IKE policy configured for use against the indicated remote gateway.
Error: An error occurred
error
Policy lookup for Phase-2 [negotiation-role] failed for p1_local=local-peer p1_remote=remote-peer p2_local=local-prefix p2_remote=remote-prefix
The IKE Phase-2 negotiation with the indicated remote gateway address failed because the traffic selectors proposed by the remote gateway address do not match any of the policies configured for the indicated local gateway address. The proposed traffic selectors are indicated by the Phase-2 local and remote IP prefixes.
Error: An error occurred
error
Unable to read group attributes from IKE Phase 1 proposal
The key management process (kmd) could not read the information in an Internet Key Exchange (IKE) Phase 1 proposal about the Diffie-Hellman (DH) group to use.
Error: An error occurred
error
Used DH group 1 because Phase 1 proposal did not specify group
The key management process (kmd) assigned Diffie-Hellman (DH) group 1 to an Internet Key Exchange (IKE) Phase 1 proposal because no group was specified.
Event: This message reports an event, not an error
error
Unable to perform Phase 1 negotiation with remote peer remote-peer: no local IKE server
The key management process (kmd) could not locate an Internet Key Exchange (IKE) server for the local peer. As a result, IKE Phase 1 negotiation failed with the indicated remote peer.
Error: An error occurred
error
Unable to begin Phase 1 negotiation for local peer service-set and remote peer local-peer in instance remote-peer
Internet Key Exchange (IKE) Phase 1 negotiation did not begin, because either the local peer or remote peer was undefined for the indicated service set.
Error: An error occurred
error
No Phase 1 SPD handler registered for service set service-set
A security policy database (SPD) handler is not registered for the indicated service set. As a result, Internet Key Exchange (IKE) Phase 1 negotiation did not begin.
Error: An error occurred
error
Unable to retrieve Phase 1 policy from negotiation-role (local peer local-peer, remote peer remote-peer)
The key management process (kmd) could not retrieve a policy from the indicated participant to use during Internet Key Exchange (IKE) Phase 1 negotiation between the indicated local and remote peers.
Error: An error occurred
error
Unable to find policy for Phase 1 negotiation between local peer local-peer and remote peer remote-peer in service set service-set
The key management process (kmd) could not retrieve a policy for Internet Key Exchange (IKE) Phase 1 negotiation between the indicated local and remote peers in the indicated service set. As a result, Phase 1 did not begin.
Error: An error occurred
error
No ike-policy found for ike-access-profile: access-profile, instance:service-set
The key management process (kmd) could not retrieve the Phase 1 policy referenced by the indicated Internet Key Exchange (IKE) access profile for the indicated dynamic-endpoint service set.
Error: An error occurred
error
Phase 1 transform specified invalid protocol received-value instead of SSH_IKE_PROTOCOL_ISAKMP (expected-value)
The indicated protocol in a transform negotiated during Internet Key Exchange (IKE) Phase 1 is not a valid value. The only valid value is the Internet Security Association and Key Management Protocol (ISAKMP). The key management process (kmd) rejected the transform.
Error: An error occurred
error
Protocol in IKE Phase 1 proposal was not ISAKMP as expected
The protocol in an Internet Key Exchange (IKE) Phase 1 proposal was not the expected value, which is the Internet Security Association and Key Management Protocol (ISAKMP).
Error: An error occurred
error
Phase 1 transform included protocol protocol-id twice
A transform negotiated during Internet Key Exchange (IKE) Phase 1 specified the indicated protocol twice, which is invalid. The key management process (kmd) rejected the transform.
Error: An error occurred
error
Phase 1 transform was missing mandatory attributes
A transform negotiated during Internet Key Exchange (IKE) Phase 1 did not include values for all attributes. One or more the following was missing: the authentication algorithm, encryption algorithm, or Diffie-Hellman group. The key management process (kmd) rejected the transform.
Error: An error occurred
error
Phase 1 transform specified invalid transform ID received-value instead of expected-value
The indicated identifier for a transform negotiated during Internet Key Exchange (IKE) Phase 1 is not the indicated expected value. The key management process (kmd) rejected the transform.
Error: An error occurred
error
Phase 2 identities did not match: local initiator local-initiator, responder local-responder; remote initiator remote-initiator, responder remote-responder
The indicated initiator and responder identities defined by the local peer did not match the indicated identities defined by the remote peer. The key management process (kmd) canceled Internet Key Exchange (IKE) Phase 2 negotiation.
Error: An error occurred
error
Unknown Phase 2 notification notification-name (type notification-type, size length bytes) from remote-address:remote-port for protocol protocol-id (SPI(size)=data)
The indicated Internet Key Exchange (IKE) Phase 2 notification message from the indicated remote peer (address and port) is a type that the key management process (kmd) does not support. As a result, the kmd process discarded the message and Phase 2 negotiation failed.
Error: An error occurred
error
Unable to retrieve policy for Phase 2 from negotiation-role (Phase 1 local peer local-peer, remote peer remote-peer; Phase 2 local peer local-prefix, remote peer remote-prefix)
The key management process (kmd) could not retrieve a policy from the indicated participant to use during Internet Key Exchange (IKE) Phase 2 negotiation for the indicated local and remote peers. The traffic selectors proposed by the remote peer (represented by the indicated Phase 2 IP prefixes) do not match any local peer policies.
Error: An error occurred
error
Unable to start Phase 2: No traffic-selector addresses defined for SA sa-name
The configuration for the indicated security association (SA) did not include the information about local and remote traffic selectors required for Internet Key Exchange (IKE) Phase 2, so that phase did not begin.
Error: An error occurred
error
AH proposal did not define authentication algorithm
An Internet Key Exchange (IKE) Phase 2 proposal did not define the authentication algorithm for the Authentication Header (AH) protocol to use. The key management process (kmd) rejected the proposal.
Error: An error occurred
error
ESP proposal did not define encryption algorithm
An Internet Key Exchange (IKE) Phase 2 proposal did not define the encryption algorithm for the Encapsulating Security Payload (ESP) protocol to use. The key management process (kmd) rejected the proposal.
Error: An error occurred
error
Phase 2 proposal did not specify length for variable key-length cipher cipher
An Internet Key Exchange (IKE) Phase 2 proposal did not define the key length for the indicated variable-length cipher. As a result, the key management process (kmd) rejected the proposal.
Error: An error occurred
error
ESP was negotiated with null encryption and authentication
Encapsulating Security Payload (ESP) was negotiated as the protocol During Internet Key Exchange (IKE) Phase 2, but no values were negotiated for the authentication and encryption algorithms. As a result, the key management process (kmd) rejected the transform.
Error: An error occurred
error
Protocol protocol-id in Phase 2 proposal was invalid (was not AH or ESP)
An Internet Key Exchange (IKE) Phase 2 proposal specified the indicated protocol, which is invalid. The acceptable protocols as Authentication Header (AH) and Encapsulating Security Payload (ESP). The key management process (kmd) rejected the proposal.
Error: An error occurred
error
Invalid protocol protocol-id was negotiated for SA sa-name
During Internet Key Exchange (IKE) Phase 2, the indicated protocol was chosen for the indicated security association (SA). It is not a valid value, so the SA was not established.
Error: An error occurred
error
Unsupported IPComp protocol was negotiated for SA sa-name
During Internet Key Exchange (IKE) Phase 2, the IP Payload Compression Protocol (IPComp) was chosen for the indicated security association (SA). IPComp is not supported, so the SA was not established.
Error: An error occurred
error
Unsupported protocol ISAKMP or RESERVED was negotiated for SA sa-name
During Internet Key Exchange (IKE) Phase 2, either Internet Security Association and Key Management Protocol (ISAKMP) or the value RESERVED was chosen as the protocol for the indicated security association (SA). They are not supported values, so the SA was not established.
Error: An error occurred
error
No protocol negotiated for SA sa-name
While verifying the results of Internet Key Exchange (IKE) Phase 2, the key management process (kmd) determined that no protocol was negotiated for the indicated security association (SA). The SA was not established.
Error: An error occurred
error
Phase 1 negotiation failed: remote address remote-peer in instance service-set is invalid
Internet Key Exchange (IKE) Phase 1 negotiation failed because the indicated remote peer address in the indicated service set is not a valid IP version 4 (IPv4) or IP version 6 (IPv6) address.
Error: An error occurred
error
Unable to install negotiated Phase 2 values: SA sa-name configuration not found
The key management process (kmd) could not retrieve configuration information for the indicated security association (SA), and so could not record the values that were negotiated for the SA during Internet Key Exchange (IKE) Phase 2. The SA was not established.
Error: An error occurred
error
Rejected SA deletion request for service set service-set: SPI size (size) is not 4 (local peer local-address:local-port, remote peer remote-address:remote-port)
The key management process (kmd) discarded a message that requested deletion of a security association (SA) between the indicated local peer (address and port) and remote peer (address and port), because the indicated size of the associated Security Parameter Index (SPI) was not as expected. As a result, the SA was not deleted.
Error: An error occurred
error
Unable to generate pair index for SA sa-name in service set service-set
The key management process (kmd) could not generate a pair index for the indicated security association (SA) in the indicated service set. The kmd process canceled Internet Key Exchange (IKE) Phase 2 negotiation.
Error: An error occurred
error
No active peer found in tunnel configuration block sa-name
Failed to find active peer information in the tunnel configuration block. Hence unable to send SA delete notifications to the peer.
Error: An error occurred
error
Unable to find active peer for SA sa-name
The key management process (kmd) could not retrieve information about an active peer from the configuration for the indicated security association (SA). As a result, it could not notify peers that an SA was deleted.
Error: An error occurred
error
IKE Phase-2 delete:In instance service-set rejecting request to delete SPI size sizeu != 4 Local gateway local-address:local-port, Remote gateway remote-address:remote-port
The SPI size in the delete notification is invalid. Hence delete request is rejected. Quick Mode notification payload is dropped.
Error: An error occurred
error
Inconsistent payload lengths in Quick Mode responder life time notification from remote-address:remote-port
IKE Quick Mode notification is dropped because of unequal payload length received in the message.
Error: An error occurred
error
Invalid policy managerhandle to uninitialize service-set
Failed to uninitialize the Policy manager object while deleting the indicated service set.
Error: An error occurred
error
Unable to uninitialize service set service-set: invalid policy manager handle
The key management process could not delete the indicated service set, because lack of a valid handle prevented the kmd process from uninitializing the policy manager object for the service set.
Error: An error occurred
error
Failed to initiate the Phase-1 negotiation for local:local-peer and remote:remote-peer in instance:service-set
Phase-1 negotiation can not be started because either the local gateway identity or the remote gateway identity is unknown.
Error: An error occurred
error
No Phase-2 entities present in tunnel configuration block sa-name
Unable to initiate Phase-2 negotiation because of unknown local and remote traffic selectors in the indicated security association configuration block. For Adaptive Service PIC, the security association configuratin block refers to the tunnel configured under a service set with a given rule name and term name.
Error: An error occurred
error
Unknown Quick mode notification notification-name (notification-type) (size lengthubytes) from remote-address:remote-port for protocol=protocol-idd spi(sizeu)=data
The notification message sent by the indicated remote gateway and remote port is not recognized. Hence Quick Mode notification payload is dropped.
Error: An error occurred
error
Key type = type, not supported
The specified key type is unsupported. Public/Private and Pre-shared key are are the only types supported presently.
Error: An error occurred
error
New group mode not supported currently
The IKE New Group mode negotiations failed, because this is not a supported feature currently.
Error: An error occurred
error
PIC pic-slot sent additional response after reply to SNMP query: error-message
The indicated Physical Interface Card (PIC) sent an additional unexpected message after it responded to a request from the key management process (kmd) for Simple Network Management Protocol (SNMP) statistics about IP Security (IPSec) security associations (SAs). As a result, the kmd process discarded the initial response.
Error: An error occurred
error
Fatal SNMP error occurred: error-message
The key management process (kmd) could not retrieve Simple Network Management Protocol (SNMP) statistics about IP Security (IPSec) security associations (SAs), because the indicated fatal SNMP error occurred.
Error: An error occurred
error
Unable to fulfill SNMP request: could not fetch IKE server context for service set service-set
The key management process (kmd) could not retrieve the Internet Key Exchange (IKE) server context for the indicated service set. As a result, it could not process a request for Simple Network Management Protocol (SNMP) statistics.
Error: An error occurred
error
Unable to allocate memory for reply buffer; SNMP query to PIC pic-slot failed
The key management process (kmd) could not allocate memory for the buffer it uses to store Simple Network Management Protocol (SNMP) statistics about IP Security (IPSec) security associations (SAs). As a result, it could not retrieve statistics from the indicated Physical Interface Card (PIC).
Error: An error occurred
error
Unable to connect to PIC pic-slot; SNMP query failed
The key management process (kmd) could not open a connection to the indicated Physical Interface Card (PIC). As a result, it could not retrieve Simple Network Management Protocol (SNMP) statistics about IP Security (IPSec) security associations (SAs).
Error: An error occurred
error
PIC pic-slot did not respond to SNMP query: error-message
The indicated Physical Interface Card (PIC) did not respond to a request from the key management process (kmd) for Simple Network Management Protocol (SNMP) statistics about IP Security (IPSec) security associations (SAs).
Error: An error occurred
error
Unable to retrieve slot information for PIC pic-slot; SNMP query failed
The key management process (kmd) could not retrieve information about the slot housing the indicated Physical Interface Card (PIC). As a result, it could not retrieve Simple Network Management Protocol (SNMP) statistics about IP Security (IPSec) security associations (SAs) from the PIC.
Error: An error occurred
error
The DF-BIT for VPN vpn-name has been set to argument.
VPN DF bit status has been set.
Event: This message reports an event, not an error
info
VPN vpn-name from remote-address is down.
Notifiication to user that VPN monitor detects IPSec SA is down.
Event: This message reports an event, not an error
info
VPN vpn-name from remote-address is up.
Notifiication to user that VPN monitor detects IPSec SA is up.
Event: This message reports an event, not an error
info
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |