Feedback
Table Of Contents
Syslog Message Changes and Deletions
Syslog Message Changes and Deletions
This chapter includes the following topics:
See the security appliance Cisco Security Appliance System Log Messages for more information.
Changed Syslog Messages
•
112001
Old Syslog Message: %PIX-2-112001: (string:dec) PIX Clear complete
New Syslog Message: %PIX-2-112001: Clear finished
Change Reason: The filename and line number (string:dec) are undesirable in a syslog message. The PIX keyword is removed to make the syslog platform independent.
•
Old Syslog Message: %PIX-6-199002: PIX startup completed. Beginning operation
New Syslog Message: %PIX-6-199002: Startup completed. Beginning operation
Change Reason: The PIX keyword is removed from the body of the syslog message to make the syslog platform independent.
•
Old Syslog Message: %PIX-6-199005: PIX Startup begin
New Syslog Message: %PIX-6-199005: Startup begin
Change Reason: The PIX keyword is removed from the body of the syslog message to make the syslog platform independent.
•
Old Syslog Message: %PIX-3-201002: Too many connections on {static|xlate} global_address! econns nconns
New Syslog Message: %PIX-3-201002: Too many tcp connections on {static|xlate} global_address! econns nconns
Change Reason: This syslog is only applicable to TCP connection, hence the change.
•
Old Syslog Message: %PIX-3-208005: (function:line_num) pix clear command return code
New Syslog Message: %PIX-3-208005: Clear command return
Change Reason: The filename and line number are undesirable in a syslog message. The PIX keyword is removed to make the syslog platform independent.
•
Old Syslog Message: %PIX-6-308001: PIX console enable password incorrect for number tries (from IP_address)
New Syslog Message: %PIX-6-308001: Console enable password incorrect for number tries (from_IP address)
Change Reason: The PIX keyword is removed from the body of the syslog message to make the syslog platform independent.
•
Old Syslog Message: %PIX-3-315004: Fail to establish SSH session because PIX RSA host key retrieval failed
New Syslog Message: %PIX-3-315004: Fail to establish SSH session because RSA host key retrieval failed.
Change Reason: The PIX keyword is removed from the body of the syslog message to make the syslog platform independent.
•
Old Syslog Message: %PIX-6-606001: PDM session number number from IP_address started
New Syslog Message: %PIX-6-606001: ASDM session number number from IP_address started
Change Reason: The PDM keyword is changed to ASDM to update the syslog platform for ASDM.
•
Old Syslog Message: %PIX-6-606002: PDM session number number from IP_address ended
New Syslog Message: %PIX-6-606002: ASDM session number number from IP_address ended
Change Reason: The PDM keyword is changed to ASDM to update the syslog platform for ASDM.
•
Old Syslog Message: %PIX-6-611314: VPNClient: Load Balancing Cluster with Virtual IP: IP_address has redirected the PIX to server IP_address
New Syslog Message: %PIX-6-611314: VPNClient: Load Balancing Cluster with Virtual IP:%I has redirected firewall to server
Change Reason: The PIX keyword is removed to make the syslog platform independent.
Deleted Syslog Messages
•
Old Syslog Message: %PIX-1-103002: (Primary) Other firewall network interface interface_number OK
Deletion Reason: This syslog was not produced by PIX Version 6.3, nor will it be produced by PIX Security appliance Version 7.0.
•
Old Syslog Message: %PIX-1-105031: Failover LAN interface is up
Deletion Reason: Replaced by 105042.
•
Old Syslog Message: %PIX-1-105032: LAN Failover interface is down
Deletion Reason: Replaced by 105043.
•
Old Syslog Message: %PIX-1-105032: LAN Failover interface is down
Deletion Reason: Obsolete due to different implementation.
•
Old Syslog Message: %PIX-1-105035: Receive a LAN failover interface down msg from peer.
Deletion Reason: Obsolete due to different implementation.
•
Old Syslog Message: %PIX-1-105036: PIX dropped a LAN Failover command message.
Deletion Reason: Obsolete due to different implementation.
•
Old Syslog Message: %PIX-1-105037: The primary and standby units are switching back and forth as the active unit.
Deletion Reason: Obsolete due to different implementation.
•
Old Syslog Message: %PIX-3-109013: User must authenticate before using this service
Deletion Reason: This syslog not produced by PIX Version 6.3, nor will it be produced by PIX Security appliance Version 7.0.
•
Old Syslog Message: %PIX-7-109021: Uauth null proxy error
Deletion Reason: No longer relevant in this release.
•
Old Syslog Message: %PIX-6-309002: Permitted manager connection from IP_address.
Deletion Reason: Replaced by 605005 as per ICSA requirement.
•
Old Syslog Message: %PIX-2-201003: Embryonic limit exceeded nconns/elimit for outside_address/outside_port (global_address) inside_address/inside_port on interface interface_name
Deletion Reason: Obsolete due to different implementation.
•
Old Syslog Message: %PIX-3-210010: LU make UDP connection for outside_address:outside_port inside_address:inside_port failed
Deletion Reason: Obsolete due to different implementation.
•
Old Syslog Message: %PIX-3-210020: LU PAT port port reserve failed
Deletion Reason: Obsolete due to different implementation.
•
Old Syslog Message: %PIX-3-210021: LU create static xlate global_address ifc interface_name failed
Deletion Reason: Obsolete due to different implementation.
•
Old Syslog Message: %PIX-3-211003: CPU utilization for number seconds = percent
Deletion Reason: This is an error condition in the code; it is no longer relevant.
•
Old Syslog Message: %PIX-2-215001:Bad route_compress() call, sdb= number
Deletion Reason: The syslog number has changed to 216001.
•
Old Syslog Message: %PIX-3-302302: ACL = deny; no sa created
Deletion Reason: The code containing this syslog changed dramatically; it is no longer relevant.
•
Old Syslog Message: %PIX-6-309002: Permitted manager connection from IP_address
Deletion Reason: This is for PIX Firewall Management, which is no longer supported.
•
Old Syslog Message: %PIX-2-316001: Denied new tunnel to IP_address. VPN peer limit
(platform_vpn_peer_limit) exceeded
Deletion Reason: This is not applicable in the current release, as SOHO devices are not supported by this release.
•
Old Syslog Message: %PIX-3-320001: The subject name of the peer certificate is not allowed for connection
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-4-402101: decaps: rec'd IPSEC packet has invalid spi for destaddr=dest_address, prot=protocol, spi=number
Deletion Reason: The code containing this syslog changed dramatically; it is no longer relevant.
•
Old Syslog Message: %PIX-4-402102: decapsulate: packet missing {AH|ESP}, destadr=dest_address, actual prot=protocol
Deletion Reason: The code containing this syslog changed dramatically; it is no longer relevant.
•
Old Syslog Message: %PIX-4-402103: identity doesn't match negotiated identity (ip) dest_address= dest_address, src_addr= source_address, prot= protocol, (ident) local=inside_address, remote=remote_address, local_proxy=IP_address/IP_address/port/port, remote_proxy=IP_address/IP_address/port/port
Deletion Reason: The code containing this syslog changed dramatically; it is no longer relevant.
•
Old Syslog Message: %PIX-6-403500: PPPoE - Service name 'any' not received in PADO. Intf:interface_name AC:ac_name
Deletion Reason: PPPoE is not supported in the current release, customer would not see this syslog.
•
Old Syslog Message: %PIX-3-403501: PPPoE - Bad host-unique in PADO - packet dropped Intf:interface_name AC:ac_name
Deletion Reason: PPPoE is not supported in the current release, hence customers would not see this syslog.
•
Old Syslog Message: %PIX-3-403502: PPPoE - Bad host-unique in PADS - dropping packet. Intf:interface_name AC:ac_name
Deletion Reason: PPPoE is not supported in the current release, hence customers would not see this syslog.
•
Old Syslog Message: %PIX-4-404101: ISAKMP: Failed to allocate address for client from pool string
Deletion Reason: This has been replaced by 713132.
•
Old Syslog Message: %PIX-4-407001: Deny traffic for local-host interface_name:inside_address, license limit of number exceeded
Deletion Reason: This is not applicable in the current release.
•
Old Syslog Message: %PIX-5-501101: User transitioning priv level
Deletion Reason: The code containing this syslog changed dramatically; it is no longer relevant.
•
Old Syslog Message: %PIX-6-602102: Adjusting IPSec tunnel mtu...
Deletion Reason: The code containing this syslog changed dramatically; it is no longer relevant.
•
Old Syslog Message: %PIX-6-602201: ISAKMP Phase 1 SA created (local <ip>/<port> (initiator|responder), remote <ip>/<port>, authentication=<auth_type>, encryption=<encr_alg>, hash=<hash_alg>, group=<DH_grp>, lifetime=<seconds>) Change Reason: Replaced by more granular syslog, look at 713xxx
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: PIX-6-602203: ISAKMP session disconnected (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-6-602301: sa created...
Deletion Reason: This has been replaced by syslogs 713119 and 713120.
•
Old Syslog Message: %PIX-6-602302: deleting sa
Deletion Reason: This has been being replaced by 713113, 713169, 713170, 713194, 715009, 715052, 715067 and 715068.
•
Old Syslog Message: %PIX-6-603108: Built PPTP Tunnel at interface_name, tunnel-id = number, remote-peer = IP_address, virtual-interface = number, client-dynamic-ip = IP_address, username = user, MPPE-key-strength = number
Deletion Reason: PPPoE is not supported in the current release, hence customers would not see this syslog.
•
Old Syslog Message: %PIX-7-702201: ISAKMP Phase 1 delete received (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702202: ISAKMP Phase 1 delete sent (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702203: ISAKMP DPD timed out (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702204: ISAKMP Phase 1 retransmission (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702205: ISAKMP Phase 2 retransmission (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702206: ISAKMP malformed payload received (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702207: ISAKMP duplicate packet detected (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702208: ISAKMP Phase 1 exchange started (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702209: ISAKMP Phase 2 exchange started (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702210: ISAKMP Phase 1 exchange completed(local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702211: ISAKMP Phase 2 exchange completed(local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702212: ISAKMP Phase 1 initiating rekey (local <ip> (initiator|responder), remote <ip>)
Deletion Reason: This has been replaced by more granular syslogs (from 713001 to 713224).
•
Old Syslog Message: %PIX-7-702301: lifetime expiring...
Deletion Reason: Security associations do not expire in PIX Security appliance Version 7.0; this syslog is no longer relevant.
•
Old Syslog Message: %PIX-3-702302: replay rollover detected...
Deletion Reason: The code containing this syslog changed dramatically; it is no longer relevant.
•
Old Syslog Message: %PIX-7-702303: sa_request...
Deletion Reason: This syslog has been replaced by 713041, 713042, 713043 and 713176.
•
Old Syslog Message: %PIX-7-709002: FO unreplicable: cmd=command
Deletion Reason: This syslog was intended to catch programming errors and is no longer needed because of code changes.