Cisco Secure Services Client Administrator Guide, Release 5.0 - Log Messages [Cisco Secure Services Client]

Table Of Contents

Cisco Secure Client Services Release 5.0
Log Messages

Cisco Secure Client Services Release 5.0
Log Messages

This appendix lists the log messages produced by Cisco Secure Cilent Services Release 5.0.

•Starting Cisco_SSCservice.exe: version number—indicates the SSC service is starting.

•Cisco Trust Agent successfully loaded

•Failed to load Cisco Trust Agent

•Password sent

•Certificate sent

•Manual user logon type logon processing initiated by user user id.

•Normal Shutdown version number—indicates a normal shutdown.

•Fatal Shutdown version number—indicates a fatal shutdown.

•Machine startup—indicates the client is begining its boot time processing.

•Account logon—indicates the client detected a user logon.

•SSO credentials (Microsoft)—indicates when the client collects credentials from the Microsoft GINA (whether they are used or not during a network authentication)

•Account logoff—indicates the client detects a user logoff

•Adapter detected Adapter Id —indicates a new adapter is detected in the system. The Adapter Id refers to the adapter's globally unique identifier (GUID).

•Adapter removed Adapter Id—indicates a previously reported adapter is lost (or removed)

•Adapter controlled Adapter Id—indicates control is taken of a particular adapter (the SSC intermediate driver begins to respond to network frames and attempt to set features of the adapter).

•Adapter Id Adapter control failed error code—indicates when the SSC client attempts to take control of an adapter but fails. The error code is an internal error code.

•{WPA | WPA2} unsupported. Adapter Id—indicates when control is taken of an adapter and if the adapter does or does not support WPA or WPA2.

•Wireless Zero Config deactivated Adapter Id— indicates when control was taken of an adapter that Wireless Zero Config was detected and automatically deactivated for that adapter.

•Adapter control released Adapter Id—indicates control was released for a particular adapter.

•Connection Association Started (WiFi Association /Encryption Mode)—when a connection is requested on a WiFi adapter an association must occur. This log message indicates the SSC client is attempting to associate to an ssid. WiFi Association/Encryption mode could be one of these values:

–Open

–Shared 40 bit key

–Shared 128 bit key

–Static WEP 40 bit key

–Static WEP 128 bit key

–Dynamic WEP 40 bit key

–Dynamic WEP 128 bit key

–WPA-Personal TKIP encryption

–WPA-Personal AES encryption

–WPA-Enterprise TKIP encryption

–WPA-Enterprise AES encryption

–WPA2-Personal TKIP encryption

–WPA2-Personal AES encryption

–WPA2-Enterprise TKIP encryption

–WPA2-Enterprise AES encryption

•Starting wired connection, skipping association

•Adapter Id Connection Association Success (link up)—indicates an association has completed

•successfully.

•Connection Association Failed. (Failure: error number)—indicates an association has not completed successfully. error number is an internal error code.

•Adapter Id Connection Authentication Started—indicates an authentication attempt was started.

•Adapter Id Identity requested - when an identity request comes in from the AP.

•Adapter Id Identity sent - whenever an identity is sent.

•Adapter Id EAP suggested by server: Authentication Method name—indicates an EAP authentication method was suggested by the server. Authentication Method name is one of these values:

–EAP-PEAP

–EAP-TTLS

–EAP-TLS

–EAP-LEAP

–EAP-MD5

–EAP-GTC

–EAP-FAST

–EAP-MSCHAPv2

–MSCHAPv2

–MSCHAP

–CHAP

–PAP

•Adapter Id EAP requested by client: (Authentication Method name, ..., Authentication Method name)—indicates an EAP authentication method was requested by the client. Authentication Method name is one of these values:

–EAP-PEAP

–EAP-TTLS

–EAP-TLS

–EAP-LEAP

–EAP-MD5

–EAP-GTC

–EAP-FAST

–EAP-MSCHAPv2

–MSCHAPv2

–MSCHAP

–CHAP

–PAP

•Adapter Id Port State Port State and Status Port status—indicates the state and status of the adapter's port.

Port State is one of values:

–AC_PORT_STATE_STOPPED - indicates port is stopped

–AC_PORT_STATE_CONNECTING - when it is waiting to start authentication

–AC_PORT_STATE_AUTHENTICATING - is actively performing the initial 802.1x authentication

–AC_PORT_STATE_AUTHENTICATED - successfully completed authentication

–AC_PORT_STATE_REAUTHENTICATING - is actively performing 802.1x reauthentication

–AC_PORT_STATE_UNAUTHENTICATED - when port wants to authenticate, but can't because of other conditions such as link is down or incorrect credentials

–AC_PORT_STATE_AUTH_NOT_REQUIRED - when 802.1x authentication is not required. This state only exists for wired adapters or wireless adapters in WEP mode.

Port status depends on the Port State value. This indicates a sub-state of the port state.

•Adapter Id FAST: unauthenticated provisioning supported—indicates FAST unauthenticated provisioning is supported by the adapter.

•Adapter Id FAST: phase 1 tunnel for unauthenticated provisioning

•Adapter Id Allowing session resumption—indicates when the SSC client begins a TLS-based authentication (PEAP, TTLS, FAST or TLS) and attempts session resumption with a previous session id.

•Adapter Id Authentication Success—indicates an authentication completed successfully.

•Adapter Id Authentication Failed—indicates an authentication completed unsuccessfully.

•Adapter Id IP Address Received: IP Address—indicates a connection received an IP Address.

•Adapter Id DHCP: Sending DHCP request.

•Adapter Id DHCP: Request failed.

•Adapter Id Wireless Zero Config reactivated for adapter

•Access Id WiFi access device has invalid channel number: SSID, channel

•Adapter Id Couldn't find pre-shared key in profile

•Adapter Id: EAP-TTLS method requested by client: method name

•Starting wifi connection, trying ssid ssid name

•Licensing: No license found.

•Licensing: License read: License string.

•License string: (do not translate) is the license string read from the license file.

•Licensing: License invalid (trial period expired License string, trial period).

•Licensing: License invalid (termination date reached: License string, termination date). termination date is the date in format yyyy-mm-dd that the license expired.

•Licensing: License invalid because product id does not match: License string, licensed product id

•Licensing: License invalid (OEM id does not match: License string, licensed OEM id)

•Licensing: License invalid (maintenance date reached: License string, maintenance date). The maintenance date value is the date in format yyyy-mm-dd that the license's maintenance expired.

•Licensing: License invalid (unknown problem: License string)

•Licensing: License is valid and accepted: License string.

•Licensing: Ignoring trial license. Tampering detected: License string—whenever the license history file fails decryption this message is output with each new trial license that is encountered.

•Licensing: License invalid, can not decode license: License string

•The configuration is invalid and will be ignored. Error: error string

•Trusted Server list empty, server can not be validated

•Validating the server: Authentication Server Id

•Server certificate validated: Authentication Server Id

•Authentication Session Id Server certificate invalid (unknown CA)

•Server certificate invalid (name mismatch: CN/DC/Alt name from server cert)

•Invalid key type in distribution package

•Outer method: invalid/unsupported inner authentication method: inner method

•Invalid outer EAP method: method name

•Outer method: No inner authentication methods configured

•Disallowed element in configuration: wireless adapters unlicensed

•Disallowed element in configuration: wired adapters unlicensed

•Disallowed element in configuration: EAP method: method name

•Disallowed element in configuration: Association mode: association mode

•Symbolic name: GUID of adapter, MacAddr: (MAC addrress of adapter), Mtu: (MTU size), Media: (percentage), Encryption: (encryption modes), Auth: (auth modes)

•Server certificate chain invalid

•Server certificate chain is not trusted

•Invalid wep key length: key length, should be %d or %d

•The wildcard (pattern string) in the pattern is unknown and will be removed

•Internal error error number, contact software manufacturer—indicates you should contact Cisco support.

	Cisco Secure Services Client Administrator Guide, Release 5.0
	Log Messages
Cisco Secure Services Client Administrator Guide, Release 5.0 Preface Enterprise Deployment Deployment Example Using the SSC Management Utility GUI Troubleshooting Postprocessing Verification Errors Log Messages	Download this chapter Log Messages Download the complete book PDF for the Cisco Secure Services Client Administrator Guide, Release 5.0 (PDF - 2 MB) Feedback Table Of Contents Cisco Secure Client Services Release 5.0 Log Messages Cisco Secure Client Services Release 5.0 Log Messages This appendix lists the log messages produced by Cisco Secure Cilent Services Release 5.0. •Starting Cisco_SSCservice.exe: version number—indicates the SSC service is starting. •Cisco Trust Agent successfully loaded •Failed to load Cisco Trust Agent •Password sent •Certificate sent •Manual user logon type logon processing initiated by user user id. •Normal Shutdown version number—indicates a normal shutdown. •Fatal Shutdown version number—indicates a fatal shutdown. •Machine startup—indicates the client is begining its boot time processing. •Account logon—indicates the client detected a user logon. •SSO credentials (Microsoft)—indicates when the client collects credentials from the Microsoft GINA (whether they are used or not during a network authentication) •Account logoff—indicates the client detects a user logoff •Adapter detected Adapter Id —indicates a new adapter is detected in the system. The Adapter Id refers to the adapter's globally unique identifier (GUID). •Adapter removed Adapter Id—indicates a previously reported adapter is lost (or removed) •Adapter controlled Adapter Id—indicates control is taken of a particular adapter (the SSC intermediate driver begins to respond to network frames and attempt to set features of the adapter). •Adapter Id Adapter control failed error code—indicates when the SSC client attempts to take control of an adapter but fails. The error code is an internal error code. •{WPA \| WPA2} unsupported. Adapter Id—indicates when control is taken of an adapter and if the adapter does or does not support WPA or WPA2. •Wireless Zero Config deactivated Adapter Id— indicates when control was taken of an adapter that Wireless Zero Config was detected and automatically deactivated for that adapter. •Adapter control released Adapter Id—indicates control was released for a particular adapter. •Connection Association Started (WiFi Association /Encryption Mode)—when a connection is requested on a WiFi adapter an association must occur. This log message indicates the SSC client is attempting to associate to an ssid. WiFi Association/Encryption mode could be one of these values: –Open –Shared 40 bit key –Shared 128 bit key –Static WEP 40 bit key –Static WEP 128 bit key –Dynamic WEP 40 bit key –Dynamic WEP 128 bit key –WPA-Personal TKIP encryption –WPA-Personal AES encryption –WPA-Enterprise TKIP encryption –WPA-Enterprise AES encryption –WPA2-Personal TKIP encryption –WPA2-Personal AES encryption –WPA2-Enterprise TKIP encryption –WPA2-Enterprise AES encryption •Starting wired connection, skipping association •Adapter Id Connection Association Success (link up)—indicates an association has completed •successfully. •Connection Association Failed. (Failure: error number)—indicates an association has not completed successfully. error number is an internal error code. •Adapter Id Connection Authentication Started—indicates an authentication attempt was started. •Adapter Id Identity requested - when an identity request comes in from the AP. •Adapter Id Identity sent - whenever an identity is sent. •Adapter Id EAP suggested by server: Authentication Method name—indicates an EAP authentication method was suggested by the server. Authentication Method name is one of these values: –EAP-PEAP –EAP-TTLS –EAP-TLS –EAP-LEAP –EAP-MD5 –EAP-GTC –EAP-FAST –EAP-MSCHAPv2 –MSCHAPv2 –MSCHAP –CHAP –PAP •Adapter Id EAP requested by client: (Authentication Method name, ..., Authentication Method name)—indicates an EAP authentication method was requested by the client. Authentication Method name is one of these values: –EAP-PEAP –EAP-TTLS –EAP-TLS –EAP-LEAP –EAP-MD5 –EAP-GTC –EAP-FAST –EAP-MSCHAPv2 –MSCHAPv2 –MSCHAP –CHAP –PAP •Adapter Id Port State Port State and Status Port status—indicates the state and status of the adapter's port. Port State is one of values: –AC_PORT_STATE_STOPPED - indicates port is stopped –AC_PORT_STATE_CONNECTING - when it is waiting to start authentication –AC_PORT_STATE_AUTHENTICATING - is actively performing the initial 802.1x authentication –AC_PORT_STATE_AUTHENTICATED - successfully completed authentication –AC_PORT_STATE_REAUTHENTICATING - is actively performing 802.1x reauthentication –AC_PORT_STATE_UNAUTHENTICATED - when port wants to authenticate, but can't because of other conditions such as link is down or incorrect credentials –AC_PORT_STATE_AUTH_NOT_REQUIRED - when 802.1x authentication is not required. This state only exists for wired adapters or wireless adapters in WEP mode. Port status depends on the Port State value. This indicates a sub-state of the port state. •Adapter Id FAST: unauthenticated provisioning supported—indicates FAST unauthenticated provisioning is supported by the adapter. •Adapter Id FAST: phase 1 tunnel for unauthenticated provisioning •Adapter Id Allowing session resumption—indicates when the SSC client begins a TLS-based authentication (PEAP, TTLS, FAST or TLS) and attempts session resumption with a previous session id. •Adapter Id Authentication Success—indicates an authentication completed successfully. •Adapter Id Authentication Failed—indicates an authentication completed unsuccessfully. •Adapter Id IP Address Received: IP Address—indicates a connection received an IP Address. •Adapter Id DHCP: Sending DHCP request. •Adapter Id DHCP: Request failed. •Adapter Id Wireless Zero Config reactivated for adapter •Access Id WiFi access device has invalid channel number: SSID, channel •Adapter Id Couldn't find pre-shared key in profile •Adapter Id: EAP-TTLS method requested by client: method name •Starting wifi connection, trying ssid ssid name •Licensing: No license found. •Licensing: License read: License string. •License string: (do not translate) is the license string read from the license file. •Licensing: License invalid (trial period expired License string, trial period). •Licensing: License invalid (termination date reached: License string, termination date). termination date is the date in format yyyy-mm-dd that the license expired. •Licensing: License invalid because product id does not match: License string, licensed product id •Licensing: License invalid (OEM id does not match: License string, licensed OEM id) •Licensing: License invalid (maintenance date reached: License string, maintenance date). The maintenance date value is the date in format yyyy-mm-dd that the license's maintenance expired. •Licensing: License invalid (unknown problem: License string) •Licensing: License is valid and accepted: License string. •Licensing: Ignoring trial license. Tampering detected: License string—whenever the license history file fails decryption this message is output with each new trial license that is encountered. •Licensing: License invalid, can not decode license: License string •The configuration is invalid and will be ignored. Error: error string •Trusted Server list empty, server can not be validated •Validating the server: Authentication Server Id •Server certificate validated: Authentication Server Id •Authentication Session Id Server certificate invalid (unknown CA) •Server certificate invalid (name mismatch: CN/DC/Alt name from server cert) •Invalid key type in distribution package •Outer method: invalid/unsupported inner authentication method: inner method •Invalid outer EAP method: method name •Outer method: No inner authentication methods configured •Disallowed element in configuration: wireless adapters unlicensed •Disallowed element in configuration: wired adapters unlicensed •Disallowed element in configuration: EAP method: method name •Disallowed element in configuration: Association mode: association mode •Symbolic name: GUID of adapter, MacAddr: (MAC addrress of adapter), Mtu: (MTU size), Media: (percentage), Encryption: (encryption modes), Auth: (auth modes) •Server certificate chain invalid •Server certificate chain is not trusted •Invalid wep key length: key length, should be %d or %d •The wildcard (pattern string) in the pattern is unknown and will be removed •Internal error error number, contact software manufacturer—indicates you should contact Cisco support.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks

Table Of Contents

Cisco Secure Client Services Release 5.0Log Messages

Cisco Secure Client Services Release 5.0
Log Messages