Cisco IOS XR System Error Message Reference Guide, Release 4.3.x
Security Messages
Downloads: This chapterpdf (PDF - 778.0 KB) The complete bookPDF (PDF - 18.29 MB) | Feedback

Table of Contents

Security Messages

AAA_BASE Messages

aaa_task Messages

AAA Messages

ACCTD Messages

ACE_GRP Messages

ACE_LC Messages

ACE_QAD Messages

ACE_TSB_LC Messages

CEPKI Messages

COND_DEB_RP Messages

IKE_CLIENT Messages

IKE Messages

IKEv2 Messages

IMP Messages

IPP Messages

IPSEC Messages

KEYCHAIN Messages

LOCALD Messages

login Messages

MPP Messages

PKI Messages

RADIUSD Messages

SAM Messages

SANOS Messages

sIMP Messages

SPM Messages

SSHD Messages

TACACSD Messages

VFW Messages

Security Messages

This section contains all Security related System Error Messages, such as AAA, IPSec and related protocols, and so forth.

AAA_BASE Messages

Error Message %SECURITY-AAA_BASE-3-ERROR

Error: ’[chars]’. [chars]

Explanation Error encountered while running AAA Base

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA_BASE-4-WARNING

Warning: ’[chars]’. [chars]

Explanation An internal software error has occurred

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA_BASE-7-DEBUG

Debug: ’[chars]’

Explanation Informational log only

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

aaa_task Messages

Error Message %SECURITY-aaa_task-3-DEBUG_ERROR

[chars]: [chars]

Explanation Error message from AAA task debug module

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-aaa_task-3-DLLMAIN_ERROR

Error encountered in dllmain for [chars]: [chars]

Explanation Error message from debug module

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-aaa_task-3-INVALID_AAA_TASK_DEBUG_FLAG

AAA task debug flag [dec] does not exist

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-aaa_task-7-GENERIC_ERROR

[chars]: [chars]

Explanation Internal debugging message.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

AAA Messages

Error Message %SECURITY-AAA-3-DEBUG_ERROR

[chars]: [chars]

Explanation Encountered an error in debug module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-DEBUG_ERROR

[chars]: [chars]

Explanation Error encountered in debug module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-DES_INIT_FAIL

[chars]: DES initialization failed

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-DLL_INIT_ERROR

[chars]: [chars]

Explanation Error encountered while initializing AAA client library DLL.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-DLLMAIN_ERROR

Error encountered while initializing DLL for [chars]: [chars]

Explanation Error message from DLL initialization module

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-ERR_SERVER_GROUP

[chars]

Explanation None at this time

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-ERROR_NO_MEM

Not enough memory available while [chars]

Explanation Failed to allocate necessary memory.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-INVALID_DEBUG_FLAG

The AAA debug flag [dec] does not exist

Explanation The debug flag specified is not supported.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-LIB_UTIL_ERROR_NO_MEM

Not enough memory available while [chars]

Explanation Failed to allocate memory.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-3-SYSDB_BIND_ERROR

sysdb_bind returned error :[chars] in function :[chars]

Explanation Error while trying to bind to sysdb.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-4-WHITESPACE_TRUNCATED_IN_SERVER_KEY

WARNING: The server key contained trailing whitespace and was truncated

Explanation Whitespace is not allowed at the end of a server key.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-7-ERR_ECM

Failed to open event connection for a [chars]: [chars]

Explanation The initial connection failed, but a retry has been successfully rescheduled.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-AAA-7-ERR_SYSDB

[chars] path [chars]: [chars]

Explanation ’Failed to execute a SysDB operation’

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

ACCTD Messages

Error Message %SECURITY-ACCTD-3-AMBIGUOUS_PASSWD

Password which is a single digit is not permitted

Explanation Single digit passwords are not allowed.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-BAG_ENCODE_ERR

Failed to encode [chars] bag: [chars]

Explanation Failed to encode a bag.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-BAGS_UNREG_ERR

Failed to unregister [chars] bag: [chars]

Explanation Failed to unregister a bag.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-DB_CLEAR_FAILED

Clearing the [chars] DB failed. DB state is unknown

Explanation Error encountered when attempting to clear the DB. DB might be in any state now & so usage of hat DB might fail with unexpected results.

Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Also, restarting the acctd DB process might help recover.

Error Message %SECURITY-ACCTD-3-DEBUG_ERROR

[chars]: [chars]

Explanation Error encountered in debug module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-EDM_INIT_ERR

Failed to register EDM - [chars]

Explanation Failed to initialize EDM.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-ERR_INVALID_GROUP

[chars]: [chars]

Explanation AAA failed to recognize the specified server group name. It may be undefined.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-ERR_THREAD_FN

[chars]: pthread [chars] failed: [chars]

Explanation The call to pthread functions, such as pthread_create, lock/unlock a mutex or wait on a condition, failed. The error is displayed in the message.

Recommended Action *SH_TECH*

Error Message %SECURITY-ACCTD-3-ERR_UNSUPPORTED_GROUP

Group [chars] is not valid for [chars]

Explanation RADIUS does not support command authorization and command accounting.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-INSUFFICIENT_BUFFER_SIZE

Buffer size is insufficient to hold the required data: [chars]

Explanation A buffer is required in order to fill a certain data but the buffer size was too small.

Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-LIST_UNDEFINED

Method list [chars] is not defined

Explanation Trying to configure a method list in the line configuration that is not defined in AAA

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-LWA_ADD_DIR_FAIL

Failed to add the username [chars] to lightweight authentication password database - [chars]. (Please remove/rename the file ’/disk0:/AAA’, which is in conflict with the directory ’/disk0:/aaa/’.)

Explanation A file with the same name as aaa directory detected.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-LWA_ADD_FAIL

Failed to add the username [chars] to lightweight authentication password database: [chars]

Explanation Failed to enable this user to log into ksh.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-LWA_REM_FAIL

Failed to remove the username [chars] from lightweight authentication password database - [chars]

Explanation Failed to remove a username from the LWA DB.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-MEMORY

Failed to malloc [unsigned int] bytes

Explanation acctd failed to allocate the required amount of memory.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-MSG_ERROR

[chars]: [chars]

Explanation Error encountered while handling messages received by acctd.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-MSG_SIZE_ERR

[chars]: Size ([dec]) - [chars]

Explanation An internal error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-PLANE_MISMATCH

The username ’[chars]’ is already configured in the other plane (Admin/LR), please choose a different one

Explanation The username has to be unique across the Admin and LR plane.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-RED_STATE_ERROR

Error on changing redundancy state to [chars]: [chars]

Explanation Error encountered during redundancy state transistion.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-ROOT_USERDB_INIT_FAIL

[chars]: path [chars], error: [chars]

Explanation Accounting daemon failed to create/remove the root user database on the disk0. This will affect authentication to ksh since it refers to this database.

Recommended Action As a workaround an admin could create this directory in disk0 himself. This should get around the problem.

Error Message %SECURITY-ACCTD-3-ROOT_USERDB_LOCK_ERR

Failed lock operation ’[chars]’. Error: [chars]

Explanation A lock operation on shared resource, called by acctd lwDB failed due to the mentioned error.

Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-SETPRIO_FAILED

Changing priority of acctd failed: [chars]

Explanation Changing acctd priority failed.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-SHMWIN_INIT_FAILURE

Failed to initialize shared memory used for AAA configuration - [chars]

Explanation Failed to initialize shared memory window

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-SHUTDOWN_ERROR

[chars]: [chars]

Explanation acctd process failed to shutdown properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-SIGEVENT_SEND_FAIL

Failed to send sigevent to [chars] - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-STARTUP_ERROR

[chars]: [chars]

Explanation acctd process failed to startup properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-3-STBY_INIT_ERR

Failed to initialize standby - [chars]

Explanation Failed to initialize acctd on standby node.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-4-ACCT_FAILURE

Failed to send the accounting record for request id [dec] - [chars]

Explanation Failed to send an accounting record to RADIUS or TACACS+ server

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-4-ACCT_TIMEOUT_FAILURE

Failed to handle timeout for sending an accounting record (request id [dec]) - [chars]

Explanation Failed to send an accounting record to RADIUS or TACACS+ server

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-4-CERR_REGISTER

[chars]: [chars]

Explanation acctd failed to register error codes.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-4-CHKPT_REGISTER_FAILURE

Error encountered while registering the checkpoint table [chars] - [chars]

Explanation Encountered a checkpoint register failure

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-4-CHKPT_RESTORE_FAILURE

Error encountered while recovering from checkpoint table [chars] - [chars]

Explanation Encountered a checkpoint recovery failure

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-4-CHKPT_SAVE_FAILURE

Error encountered while saving to checkpoint table [chars] - [chars]

Explanation Encountered a checkpoint save failure

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-4-PASSWD_ALREADY_EXISTS

Warning: The password is configured too for user ’[chars]’

Explanation An internal software error has occurred

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-4-SECRET_ALREADY_EXISTS

Warning: The secret is configured too for user ’[chars]’

Explanation An internal software error has occurred

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-7-ERR_SYSDB_FD

[chars] [chars]: [chars]

Explanation Error encountered while using the System Database.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-7-ERR_TTYMGMT_FD

[chars]: [chars]

Explanation Error encountered while using TTY management library.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-ACCTD-7-GENERIC_ERROR

[chars]: [chars]

Explanation Generic error message used for internal debugging.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

ACE_GRP Messages

Error Message %SECURITY-ACE_GRP-3-ERROR

[chars]: [chars]

Explanation An error occurred in ace_grp dll

Recommended Action *SH_TECH*

ACE_LC Messages

Error Message %SECURITY-ACE_LC-0-ACE_SYSLOG_EMERG

[[dec]][chars]

Explanation ACE SPA SYSLOG message

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_LC-1-ACE_SYSLOG_ALERT

[[dec]][chars]

Explanation ACE SPA SYSLOG message

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_LC-2-ACE_SYSLOG_CRIT

[[dec]][chars]

Explanation ACE SPA SYSLOG message

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_LC-2-ACE_SYSLOG_ERR

[[dec]][chars]

Explanation ACE SPA SYSLOG message

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_LC-3-ACE_SYSLOG_ERR

[[dec]][chars]

Explanation ACE SPA SYSLOG message

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_LC-3-ERR

[chars]: [chars]

Explanation ACE Driver Fatal Error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_LC-4-ACE_SYSLOG_WARNING

[[dec]][chars]

Explanation ACE SPA SYSLOG message

Recommended Action ’If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_LC-4-WARNING

[chars]: [chars]

Explanation ACE driver warning message.

Recommended Action ’If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_LC-5-ACE_SYSLOG_NOTICE

[[dec]][chars]

Explanation ACE SPA SYSLOG message

Recommended Action ’No action is required.’

Error Message %SECURITY-ACE_LC-6-ACE_SYSLOG_INFO

[[dec]][chars]

Explanation ACE SPA SYSLOG message

Recommended Action ’No action is required.’

Error Message %SECURITY-ACE_LC-6-INFO

[chars]: [chars]

Explanation ACE driver Informational message

Recommended Action ’No action is required.’

ACE_QAD Messages

Error Message %SECURITY-ACE_QAD-3-ERR

[chars] [dec] [chars]

Explanation ACE QAD Erros

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

ACE_TSB_LC Messages

Error Message %SECURITY-ACE_TSB_LC-3-ERR

[chars]

Explanation ACE TSB Fatal Error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_TSB_LC-6-INFO

[chars]: [chars]

Explanation ACE TSB Informational message

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_TSB_LC-6-WARNING

[chars]: [chars]

Explanation ACE TSB warning message.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-ACE_TSB_LC-7-DEBUG

[chars]: [chars]

Explanation ACE TSB Debug Information

Recommended Action ’No action is required.’

CEPKI Messages

Error Message %SECURITY-CEPKI-6-ERR

[chars]

Explanation CEPKI general error message with one prameter.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-CEPKI-6-ERR_2

[chars] [chars]

Explanation CEPKI general error message with two prameters.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-CEPKI-6-INFO

[chars]

Explanation CEPKI general info message with one prameter.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-CEPKI-6-WARNING

[chars]

Explanation CEPKI general warning message.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

COND_DEB_RP Messages

Error Message %SECURITY-COND_DEB_RP-3-INSUFMEM

Failed to allocate memory

Explanation The requested operation could not be accomplished because of a low memory condition.

Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.

Error Message %SECURITY-COND_DEB_RP-3-NOCONDDBG

Crypto conditional debug does not work.

Explanation The request to use condition for a crypto debug message could not be accomplish.

Recommended Action If displaying of crypto debug messages is needed, please use regular crypto debug mechanism instead of conditional crypto debug mechanism.

Error Message %SECURITY-COND_DEB_RP-3-NOIPCONDDBG

Crypto conditional debug using IP address does not work.

Explanation The request to use using IP address as condition for a crypto debug message could not be accomplish.

Recommended Action If displaying of crypto debug messages is needed, please use regular crypto debug mechanism instead of conditional crypto debug mechanism.

Error Message %SECURITY-COND_DEB_RP-6-ILLIPVAL

Illegal IP-address/IP-mask was configured.

Explanation Illegal IP-address and/or IP-mask were configuring as condition to crypto debug message.

Recommended Action Fix the values of IP-address and/or IP-mask in the ’ìdeugb condition crypto IPv4...’ Öî command.

IKE_CLIENT Messages

Error Message %SECURITY-IKE_CLIENT-3-MQ_SEND_FAIL

[chars]:Failed to send IPC using mq_send. reason: [chars]

Explanation Failed to send IPC message to IKE process. Most likely casue the process is too busy

Recommended Action ’contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact error message seen’

Error Message %SECURITY-IKE_CLIENT-4-WARNING

[chars]

Explanation Internal Warning.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

IKE Messages

Error Message %SECURITY-IKE-2-ERR_NO_MEMORY

Failed to allocate memory.

Explanation A memory allocation failure has occurred from which the process cannot automatically recover.

Recommended Action ’The process must be restarted to ensure correct operation. If memory is repeatedly exhausted upgrade to a larger memory configuration.’

Error Message %SECURITY-IKE-3-ACCT_MSG_TX_FAILURE

Failed to send an Accounting record of type: [chars], error: [chars]

Explanation An error occurred while attempting to send an accounting record to the external AAA server

Recommended Action ’Check AAA connectivity, otherwise contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact error message seen’

Error Message %SECURITY-IKE-3-ADD_KEY_FAIL

IKE detects failure adding key, name [chars], ip address [unsigned int]

Explanation IKE found failure when adding key

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-AUTHENTICATION_FAILED

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Authentication method [dec] failed with peer.

Explanation The IKE process was unable to authenticate its security association with its remote peer.

Recommended Action ’Contact the remote peer’s administrator.’

Error Message %SECURITY-IKE-3-BAD_CERT_USE

IKE detects bad certificate was used, [chars], [chars]

Explanation IKE found bad certificate was used

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-BAD_DOI_NOTIFY

IKE detects bad DOI notify, DOI is [dec], address is [unsigned int]

Explanation IKE found bad DOI notify

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-BADMAGIC

Bad [chars] magic number ([hex]).

Explanation ’An internal software error.’

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-CRYPTO_FAILURE

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: EN/DE-crypto services failure, [chars] during [chars].

Explanation IKE found failure returned from encryption/decryption service.

Recommended Action ’Contact remote peer’s administrator.’

Error Message %SECURITY-IKE-3-ERR_2_PARAM

[chars], [chars]

Explanation IKE general error message with two prameters.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-ERR_EMPTY_SESSION

Session node empty (no ipsec/ike SAs) DB maybe inconsisten. Peer [chars]/[dec] vrf [chars]

Explanation Internal error, Session node does not include any ipsec and ike SAs, This indicates an internal data structure inconsistency.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-ERROR

[chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-FAILED_TO_CREATE_SKEYID

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Failed to compute SKEYSEED.

Explanation Failed to generate SKEYID.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-GROUP_AUTHOR_FAILED

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars]. grpname equals [chars].

Explanation Group authorization failed.

Recommended Action ’Check AAA connectivity’

Error Message %SECURITY-IKE-3-GROUP_CONFIG_UPLOAD_LOCAL_AAA_FAILED

Failed to upload the IKE groups from the running config to the local AAA server. rc equals [dec], errpr equals [chars]

Explanation An error occured while the IKE process was uploading its localy configured groups to the localy running AAA server. This means that the system is in inconsistent state. the IKE groups that are seen in the running config are not configured in the local AAA DB that can be seen using ’show aaa ikegroups’.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-IKE-3-IKEINIT

[chars]

Explanation An IKE initialization error

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-INTF_PARAMS_FAILURE

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars] Interface: [chars].

Explanation [1] When an interface is configured with a VRF that is not configured globally, it is treated as invalid VRF. SAs should not be created on this interface. [2] When an interface state is not UP SAs should not be created on this interface.

Recommended Action [1] ’Make sure to use interfaces with valid VRF’ [2] ’Make sure to use interfaces with state UP’

Error Message %SECURITY-IKE-3-INVALID_CERT

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: IKE detects invalid certificate - [chars].

Explanation The certificate given by remote peer has either been revoked or expired (certificate invalid) or the signature check on the certificate failed (bad signature).

Recommended Action ’Contact the CA of the remote peer. Possibly bad CA certificate.’

Error Message %SECURITY-IKE-3-IP_AP_NOTIFY_INUSE_ADDRESS_FAILED

Failed to notify about a used IP address to the Address Pool component. pool equals [chars], vrf equals [chars], IP equals [chars], err equals [chars]

Explanation An error occurred while attempting to notify IP local Address Pool about used addresses

Recommended Action ’Try to disable ipsec-chkpt and restart IKE process’

Error Message %SECURITY-IKE-3-IP_POOL_FREE_FAILURE

Failed to free a local pool IP address : poolname equals [chars], ip equals [chars]

Explanation An error occurred while attempting to free an IP address back to the local pool

Recommended Action ’It may be possible to rectify the problem by restarting ip_ap process.’

Error Message %SECURITY-IKE-3-KEY_NOT_FOUND_IN_PROFILE

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Key not found in ISAKMP profile ’[chars]’.

Explanation In Main Mode, The ID payloads are exchanged only in MM5 and MM6. Since keyring material is needed in earlier stages of the negotiation, it is looked up based on peer address. This error is seen when the selected keyring appears to not match the keyring configured under the ISAKMP profile for that peer.’

Recommended Action ’Make sure that the keyring in which the key exist is attached to the ISAKMP profile’

Error Message %SECURITY-IKE-3-LOCAL_ADDRESS_FAILURE

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars]. grpname equals [chars], username equals [chars], pool equals [chars].

Explanation Failed to allocate IP address for client.

Recommended Action ’Make sure ip local pool is defined and has at least one free address (’show local pool’), also make sure that the specific pool is assigned to the proper ISAKMP profile (’show crypto isakmp profile’), otherwise contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact log message received.’

Error Message %SECURITY-IKE-3-MALFORMED_MESSAGE

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: IKE message failed its sanity check or is malformed.

Explanation A quick sanity check is done on all received ISAKMP messages to verify that all component payload types are valid, and that the sum of their individual lengths equals the total length of the received message. This message failed the sanity check. This continous bad messages could imply denial of service attack

Recommended Action ’Contact the remote peer’s administrator’

Error Message %SECURITY-IKE-3-MQ_FAIL

[chars]:Failed on [chars]:[chars]

Explanation An internal software error occurred.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-MQ_SEND_FAIL

[chars]:Failed to send IPC using mq_send. reason: [chars]

Explanation Failed to send IPC message to IKE process. Most likely casue the process is too busy

Recommended Action ’contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact error message seen’

Error Message %SECURITY-IKE-3-NO_POLICY_FOUND

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: No cert, encryption key or pre-shared address key with peer.

Explanation Failed to derive peer key through either of the following ways: pre-shared keys, RSA keys, or certiifcates. Applies only to initiator mode.

Recommended Action ’Contact administrator’

Error Message %SECURITY-IKE-3-PACKET_PROCESS_FAILURE

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Failed to process the packet, probably results from internal error.

Explanation This error message implies a severe error condition, likely as result of internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-PHASE2_PROPOSAL_NOT_CHOSEN

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Phase-II: peer proposal rejected.

Explanation Phase-II parameters negotiation failed with peer.

Recommended Action ’Contact the remote peer’s administrator’

Error Message %SECURITY-IKE-3-POLICY_MISMATCH

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: No offers accepted.

Explanation Phase I policy parameters negotiation failed with peer.

Recommended Action ’Contact the remote peer’s administrator’

Error Message %SECURITY-IKE-3-PRESHARED_KEY_NOT_FOUND

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Failed to find pre-shared key. grpname equals [chars], username equals [chars].

Explanation Failed to find pre-shared key.

Recommended Action ’Contact administrator’

Error Message %SECURITY-IKE-3-PROFILE_NOT_FOUND

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars] [chars].

Explanation [1] No ISAKMP profile found matching peer identity. applicable to RESPONDER mode only. [2] No ISAKMP profile found matching interface name. applicable only to INITIATOR mode. [3] Peer identity doesn’t match the ISAKMP profile associated with the interface. applicable only to INITIATOR mode.

Recommended Action [1] ’Make sure an ISAKMP profile exists for peer match-id’ [2] ’Make sure that the ISAKMP profile is attached to the proper interface’ [3] ’Make sure that the ISAKMP profile attached to the interface matches peers identity’

Error Message %SECURITY-IKE-3-QUICK_MODE_TIMER_EXPIRED

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Timer to complete phase-I has expired.

Explanation We can’t wait forever before we start quick-mode and initiate phase II.

Recommended Action ’The most likely reason for failing to start phase2 is that the process failed to complete phase1. In this case, it should have also logged another message which should appear immediately before this one.’

Error Message %SECURITY-IKE-3-RADIUS_USER_AUTHEN_FAIL

[[chars] ([char]) with peer:[chars] fvrf:[chars]] AAA user ’[chars]’ authentication failed

Explanation AAA user authentication faild.

Recommended Action ’Make sure you use the correct username and password, otherwise contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact log message received’

Error Message %SECURITY-IKE-3-RETRANSMISSION_LIMIT

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Retransmission limit exceeded.

Explanation Retransmission limit exceeded.

Recommended Action ’Contact administrator’

Error Message %SECURITY-IKE-3-RSA_PUBLIC_KEY_NOT_FOUND

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars].

Explanation Failed to query RSA key.

Recommended Action ’Check the subject name in the certificate.’

Error Message %SECURITY-IKE-3-SA_NOT_AUTH

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Cannot accept Quick Mode exchange if SA is not authenticated.

Explanation The IKE security association with the remote peer was not authenticated; yet the peer attempted to begin a Quick Mode exchange. This exchange must only be done with an authenticated security association.

Recommended Action ’Contact remote peer’s administrator.’

Error Message %SECURITY-IKE-3-SA_NOT_OFFERED

IKE detects SA not being offered [unsigned int], [chars]

Explanation IKE found SA not offered

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-3-USER_AUTHEN_REJECTED

[[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars]. grpname equals [chars], username equals [chars].

Explanation Processing of phase 1.5 (xauth) with peer failed.

Recommended Action ’Make sure the password delivered is indeed matching the client, otherwise contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact log message received’

Error Message %SECURITY-IKE-4-BAD_DOI_SA

[[chars] ([char]) with peer:[chars] fvrf:[chars]] Invalid DOI value: [dec] in a SA offer.

Explanation The DOI field in a SA offer is needed for message parsing. SA offer with unknown DOI can’t be parsed.

Recommended Action ’If this situation persists contact the remote peer’s administrator’

Error Message %SECURITY-IKE-4-CERT_DOESNT_MATCH_ID

[[chars] ([char]) with peer:[chars] fvrf:[chars]] Certificate doesn’t match [chars] ID:[chars], id_type:[dec],cert:[chars].

Explanation Peers claimed identity doesn’t match what we can glean from the certificate.

Recommended Action ’Contact remote peer and/or his administrator if session doesn’t come up’

Error Message %SECURITY-IKE-4-CERT_ISNT_TRUSTED_ROOT

[[chars] ([char]) with peer:[chars] fvrf:[chars]] Certificate issuer name:[chars] is not a trusted root.

Explanation During IKE phase-I signature verification, the initiator will send a list of its CA certificates. This warning will be printed by the responder if none of the CAs in the list is a trusted root. Note this is not necessarily an error, as there may be multiple cert-req payloads

Recommended Action ’Contact remote peer and/or his administrator if session doesn’t come up’

Error Message %SECURITY-IKE-4-INCOMING_PKT_TOO_BIG

ISAKMP packet from [chars] is larger ([dec]) than the maximum size permitted.

Explanation The packet size is limited to 32K, in case that peer sends out long length info forcing large buffer allocation (DOS).

Recommended Action ’Contact the remote peer and/or his administrator’

Error Message %SECURITY-IKE-4-IPV4_ROUTES_TOO_MANY

[[chars] ([char]) with peer:[chars] fvrf:[chars]] Too many IPV4 routes from spoke, got [dec], max routes supported [dec]

Explanation Spoke sent too many IPV4 routes during negotiation.

Recommended Action ’configure spoke with less routes’

Error Message %SECURITY-IKE-4-MESSAGE_NOT_PROCESSED

Message is not processed, ike is disabled.

Explanation Trying to initiate a tunnel while ike is disabled. The request message for establishing the tunnel is not processed and dropped.

Recommended Action ’Enable ike by configuring crypto isakmp command’

Error Message %SECURITY-IKE-4-NO_SA

No SA found for peer (src:[chars] fvrf:[chars]) and it is not an initial offer.

Explanation No security association exists for this packet and it is not an initial offer from the peer to establish one. These errors could imply denial of service attack.

Recommended Action ’Contact the remote peer and/or his administrator’

Error Message %SECURITY-IKE-4-OUTGOING_PKT_TOO_BIG

ISAKMP packet is too long. Size:[dec] bytes, max allowed:[dec] bytes.

Explanation Trying to send an ISAKMP packet that is above the maximum UDP packet size allowed. That can happen if an inordinately large number of IKE policies were being proposed by the initiator.

Recommended Action ’Try to reduce the number of ISAKMP policies configured’

Error Message %SECURITY-IKE-4-PACKET_NOT_ENCRYPTED

[[chars] ([char]) with peer:[chars] fvrf:[chars]] IKE Packet wasn’t encrypted and it should have been.

Explanation Received packet should have been encrypted by peer but wasn’t.

Recommended Action ’Contact remote peer’s administrator’

Error Message %SECURITY-IKE-4-PACKET_OVERFLOW

ISAKMP message from [chars] (fvrf [chars]) larger ([dec]) than the UDP packet length ([dec])

Explanation ISAKMP data is a payload of UDP packet, as such its length should be less than the UDP length. Each ISAKMP message has its own message length field. The message length field of this message was greater than the length of the UDP packet.

Recommended Action ’This situation could denote a denial of service attack or corrupted message’

Error Message %SECURITY-IKE-4-UNKNOWN_EXCHANGE_TYPE

[[chars] ([char]) with peer:[chars] fvrf:[chars]] Received message with unknown exchange [dec].

Explanation IKE performs actions on messages based on defined exchanges. A message received with an unknown exchange.

Recommended Action ’If the problem appears to be more than a transient one, contact the peer’s administrator.’

Error Message %SECURITY-IKE-4-UNRELIABLE_INFO_MSG

[[chars] ([char]) with peer:[chars] fvrf:[chars]] Received INFO message before peer has been authenticated.

Explanation Received INFO message before peer has been authenticated that is why it is called unreliable.

Recommended Action ’Contact the remote peer’s administrator’

Error Message %SECURITY-IKE-4-WARNING

[chars]

Explanation Internal Warning.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-4-WARNING2

[chars], [chars]

Explanation Internal Warning.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKE-6-CAC_DROPS

[chars]

Explanation Call admission control policy is configured on the device. Consequently an IKE SA request was denied due to the reason described in the error message.

Recommended Action ’Depending on the reason that the request was denied, either reduce the load on the system so that it can handle new IKE SA requests, or increase the maximum allowed IKE sessions if more are needed’

Error Message %SECURITY-IKE-6-CRYPTO_TUNNEL_STATUS

Crypto tunnel is [chars]. Peer [chars]:[dec] [chars] [chars] [chars] [chars] [chars] [chars] [chars] [chars]

Explanation Report tunnel status.

Recommended Action None.

Error Message %SECURITY-IKE-6-DEFAULT_POLICY_ACCEPTED

[[chars] ([char]) with peer:[chars] fvrf:[chars]] IKE default policy was matched and is being used.

Explanation The default policy is being used because the local configured policies did not match with the peer’s policies.

Recommended Action ’Check if this is indeed the desired ISAKMP policy to use. To avoid using the default policy, reconfigure the local policy to match with peer’s policy’

Error Message %SECURITY-IKE-6-IPSEC_REJECTED

[[chars] ([char]) with peer:[chars] fvrf:[chars]] ISAKMP SA is to be deleted, reject phase-2 request on top of it.

Explanation Due to major configuration change or manual delete, this session is to be deleted. No new IPSec SAs can be established now on the session.

Recommended Action ’Wait until the session is completely removed and then try to establish a new one.’

Error Message %SECURITY-IKE-6-MODE_FAILURE

Processing of [chars] mode failed with peer at [chars]

Explanation Negotiation with the remote peer failed.

Recommended Action ’If this situation persists contact the remote peer’

IKEv2 Messages

Error Message %SECURITY-IKEv2-3-ERROR

[chars] [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKEv2-4-WARNING

[chars]

Explanation Internal Warning.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IKEv2-4-WARNING2

[chars], [chars]

Explanation Internal Warning.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

IMP Messages

Error Message %SECURITY-IMP-3-CONFIG_ERR

[chars]

Explanation Crypto Configuration (SAs/ACLs) failed

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-IMP-3-FATAL_ERR

[chars]

Explanation An internal software fatal error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-IMP-3-MQ_FAIL

[chars]:Failed on [chars]:[chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-IMP-3-SVI_TUNNEL_TYPE_ERR

[chars]

Explanation SVI has already tunnel with type different from the one that is trying to be established. Single sa tunnel can’t be on the same svi as regular tunnel. first tunnel type determines the SVI type

Recommended Action verify all client are from same type

Error Message %SECURITY-IMP-4-MSG_WARN

[chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-IMP-6-PROC_READY

Process [chars] is ready

Explanation Notification that the process is done its initialization phase and ready to process events.

Recommended Action None

IPP Messages

Error Message %SECURITY-IPP-3-ERR_GENERAL

[chars] [chars]

Explanation Error description, error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IPP-3-ERR_MALLOC

Cannot allocate memory in function [chars]()

Explanation Internal error. System is out of memory - malloc failed.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IPP-6-INFO_GENERAL

[chars]

Explanation The IPSec IPP encountered some problem in genric nature or plain information.

Recommended Action ’No action is required.’

IPSEC Messages

Error Message %SECURITY-IPSEC-3-ERR

[chars]

Explanation IPSec Base component Fatal Error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IPSEC-4-WARNING

[chars]

Explanation IPSec Base component warning message.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-IPSEC-6-INFO

[chars]

Explanation IPSec Base component Informational message

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

KEYCHAIN Messages

Error Message %SECURITY-KEYCHAIN-3-FATAL_ERR

[chars]

Explanation An internal software fatal error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-KEYCHAIN-4-MSG_WARN

Receive invalid message type [dec]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

LOCALD Messages

Error Message %SECURITY-LOCALD-3-AMBIGUOUS_PASSWD

Password which is a single digit is not permitted

Explanation Single digit passwords are not allowed.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-BAG_ENCODE_ERR

Failed to encode [chars] bag: [chars]

Explanation Failed to encode a bag.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-BAGS_UNREG_ERR

Failed to unregister [chars] bag: [chars]

Explanation Failed to unregister a bag.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-DB_CLEAR_FAILED

Clearing the [chars] DB failed. DB state is unknown

Explanation Error encountered when attempting to clear the DB. DB might be in any state now & so usage of hat DB might fail with unexpected results.

Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Also, restarting the local DB process might help recover.

Error Message %SECURITY-LOCALD-3-DEBUG_ERROR

[chars]: [chars]

Explanation Error encountered in debug module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-EDM_INIT_ERR

Failed to register EDM - [chars]

Explanation Failed to initialize EDM.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-ERR_FILE_OPEN

Opening the File [chars] failed

Explanation Error encountered while opening the file

Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-ERR_FILE_WRITE

Writing to the File [chars] failed

Explanation Error encountered while writing to the file.

Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-ERR_INVALID_GROUP

[chars]: [chars]

Explanation AAA failed to recognize the specified server group name. It may be undefined.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-ERR_THREAD_FN

[chars]: pthread [chars] failed: [chars]

Explanation The call to pthread functions, such as pthread_create, lock/unlock a mutex or wait on a condition, failed. The error is displayed in the message.

Recommended Action *SH_TECH*

Error Message %SECURITY-LOCALD-3-ERR_UNSUPPORTED_GROUP

Group [chars] is not valid for [chars]

Explanation RADIUS does not support command authorization and command accounting.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-INSUFFICIENT_BUFFER_SIZE

Buffer size is insufficient to hold the required data: [chars]

Explanation A buffer is required in order to fill a certain data but the buffer size was too small.

Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-LIST_UNDEFINED

Method list [chars] is not defined

Explanation Trying to configure a method list in the line configuration that is not defined in AAA

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-LWA_ADD_DIR_FAIL

Failed to add the username [chars] to lightweight authentication password database - [chars]. (Please remove/rename the file ’/disk0:/AAA’, which is in conflict with the directory ’/disk0:/aaa/’.)

Explanation A file with the same name as aaa directory detected.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-LWA_ADD_FAIL

Failed to add the username [chars] to lightweight authentication password database: [chars]

Explanation Failed to enable this user to log into ksh.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-LWA_REM_FAIL

Failed to remove the username [chars] from lightweight authentication password database - [chars]

Explanation Failed to remove a username from the LWA DB.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-MEMORY

Failed to malloc [unsigned int] bytes

Explanation locald failed to allocate the required amount of memory.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-MSG_ERROR

[chars]: [chars]

Explanation Error encountered while handling messages received by locald.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-MSG_SIZE_ERR

[chars]: Size (%zd) - [chars]

Explanation An internal error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-PLANE_MISMATCH

The username ’[chars]’ is already configured in the other plane (Admin/LR), please choose a different one

Explanation The username has to be unique across the Admin and LR plane.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-RED_STATE_ERROR

Error on changing redundancy state to [chars]: [chars]

Explanation Error encountered during redundancy state transistion.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-ROOT_USERDB_INIT_FAIL

[chars]: path [chars], error: [chars]

Explanation Locald failed to create/remove the root user database on the disk0. This will affect authentication to ksh since it refers to this database.

Recommended Action As a workaround an admin could create this directory in disk0 himself. This should get around the problem.

Error Message %SECURITY-LOCALD-3-ROOT_USERDB_LOCK_ERR

Failed lock operation ’[chars]’. Error: [chars]

Explanation A lock operation on shared resource, called by locald lwDB failed due to the mentioned error.

Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-SETPRIO_FAILED

Changing priority of locald failed: [chars]

Explanation Changing locald priority failed.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-SHMWIN_INIT_FAILURE

Failed to initialize shared memory used for AAA configuration - [chars]

Explanation Failed to initialize shared memory window

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-SHUTDOWN_ERROR

[chars]: [chars]

Explanation locald process failed to shutdown properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-SIGEVENT_SEND_FAIL

Failed to send sigevent to [chars] - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-STARTUP_ERROR

[chars]: [chars]

Explanation locald process failed to startup properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-3-STBY_INIT_ERR

Failed to initialize standby - [chars]

Explanation Failed to initialize locald on standby node.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-4-ACCT_FAILURE

Failed to send the accounting record for request id [dec] - [chars]

Explanation Failed to send an accounting record to RADIUS or TACACS+ server

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-4-ACCT_TIMEOUT_FAILURE

Failed to handle timeout for sending an accounting record (request id [dec]) - [chars]

Explanation Failed to send an accounting record to RADIUS or TACACS+ server

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-4-CERR_REGISTER

[chars]: [chars]

Explanation locald failed to register error codes.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-4-CHKPT_REGISTER_FAILURE

Error encountered while registering the checkpoint table [chars] - [chars]

Explanation Encountered a checkpoint register failure

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-4-CHKPT_RESTORE_FAILURE

Error encountered while recovering from checkpoint table [chars] - [chars]

Explanation Encountered a checkpoint recovery failure

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-4-CHKPT_SAVE_FAILURE

Error encountered while saving to checkpoint table [chars] - [chars]

Explanation Encountered a checkpoint save failure

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-4-PASSWD_ALREADY_EXISTS

Warning: The password is configured too for user ’[chars]’

Explanation An internal software error has occurred

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-4-SECRET_ALREADY_EXISTS

Warning: The secret is configured too for user ’[chars]’

Explanation An internal software error has occurred

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-7-ERR_SYSDB_FD

[chars] [chars]: [chars]

Explanation Error encountered while using the System Database.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-7-ERR_TTYMGMT_FD

[chars]: [chars]

Explanation Error encountered while using TTY management library.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-LOCALD-7-GENERIC_ERROR

[chars]: [chars]

Explanation Generic error message used for internal debugging.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

login Messages

Error Message %SECURITY-login-3-DEBUG_ERROR

Failed to [chars] debug module: [chars]

Explanation Failed to initialize or shutdown the debug module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-login-3-DLLMAIN_ERROR

Error encountered while initializing the DLL, path [chars]: [chars]

Explanation Error message from debug initialization module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-login-3-INVALID_LOGIN_DEBUG_FLAG

The login debug flag [dec] does not exist

Explanation The debug flag specified is not supported.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-login-3-NO_MEMORY

Not enough memory was available while [chars]

Explanation Failed to allocate necessary memory.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-login-4-AUTHEN_FAILED

Failed authentication attempt by user ’[chars]’ from ’[chars]’ on ’[chars]’

Explanation This is an error message from debug module of aaa component. This might have been caused by 1. Entering wrong username/password. 2. The user is not configured on the box and hence can not login.

Recommended Action Please check for the correctness of username/password

Error Message %SECURITY-login-6-AUTHEN_SUCCESS

Successfully authenticated user ’[chars]’ from ’[chars]’ on ’[chars]’

Explanation This is an info message from debug module of aaa component. This indicates that user has succesfully authenticated.

Recommended Action Debug message only. No action is required.

MPP Messages

Error Message %SECURITY-MPP-3-FATAL_ERR

[chars]

Explanation An internal software fatal error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-MPP-4-MSG_WARN

[chars]: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-MPP-6-MSG_INFO

[chars]: [chars]

Explanation Updated Management Plane configuration.

Recommended Action ’No action is required.’

PKI Messages

Error Message %SECURITY-PKI-6-ERR_1_PARAM

[chars]

Explanation CEPKI general error message with one prameter.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-PKI-6-ERR_2_PARAM

[chars] [chars]

Explanation CEPKI general error message with two prameters.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-PKI-6-LOG_INFO

[chars]

Explanation CEPKI general error message with one prameter.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

RADIUSD Messages

Error Message %SECURITY-RADIUSD-3-ACCT_NOTIFY_FAIL

Failed to notify the completion of accounting to sender - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ACCT_NOTIFY_FAIL

Failed to notify the completion of accounting to sender - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ADD_SYS_IP_ADDR_ATTR_ERR

Adding NAS IP address failed, omitted: [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ADD_SYS_IP_ADDR_ATTR_ERR

Adding NAS IP address failed, omitted: [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ADD_VSA_FAIL

Failed to add VSA av-pair [dec] with [chars] - [chars]

Explanation Failure encountered while adding a VSA.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ADD_VSA_FAIL

Failed to add VSA av-pair [dec] with [chars] - [chars]

Explanation Failure encountered while adding a VSA.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_AVPAIR

Bad AAA avpair [dec] with length [dec] detected

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_AVPAIR

Bad AAA avpair [dec] with length [dec] detected

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_MSG_TYPE

Unsupported message type [dec] encountered while [chars]

Explanation Found an unsupported AAA message type in avlist.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_MSG_TYPE

Unsupported message type [dec] encountered while [chars]

Explanation Found an unsupported AAA message type in avlist.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_VSA_FORMAT_BIT

Format bit is not set for VSA [chars]

Explanation Format bit is not set for VSA %s according to table bitmap.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_VSA_FORMAT_BIT

Format bit is not set for VSA [chars]

Explanation Format bit is not set for VSA %s according to table bitmap.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_VSA_LENGTH

Inconsistent [chars] VSA length [dec] was encountered

Explanation VSA format error found in radiusd while translating.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_VSA_LENGTH

Inconsistent [chars] VSA length [dec] was encountered

Explanation VSA format error found in radiusd while translating.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_VSA_TYPE

Bad [chars] VSA type [dec] with vendor_id [dec] encountered, possibily out of range

Explanation VSA format error found in radiusd while translating.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_VSA_TYPE

Bad [chars] VSA type [dec] with vendor_id [dec] encountered, possibily out of range

Explanation VSA format error found in radiusd while translating.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_VSA_VENDOR

Vendor specified for VSA [chars] is not recognized

Explanation Vendor specified for the VSA is not recognized according to table bitmap. An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAD_VSA_VENDOR

Vendor specified for VSA [chars] is not recognized

Explanation Vendor specified for the VSA is not recognized according to table bitmap. An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAG_ENCODE_ERR

Failed to encode [chars] bag: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAG_ENCODE_ERR

Failed to encode [chars] bag: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAGS_UNREG_ERR

Failed to unregister bag [chars]: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-BAGS_UNREG_ERR

Failed to unregister bag [chars]: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-CONFIG_ERR

Encountered configuration error while [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-CONFIG_ERR

Encountered configuration error while [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-DEBUG_ERROR

[chars]: [chars]

Explanation Error encountered in debug module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-DEBUG_ERROR

[chars]: [chars]

Explanation Error encountered in debug module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-EDM_INIT_ERR

Failed to register EDM - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-EDM_INIT_ERR

Failed to register EDM - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_CREATE_SERVER_ENTRY

Failed to create a server entry: [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_CREATE_SERVER_ENTRY

Failed to create a server entry: [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_CREATESG

Unable to apply server group ’[chars]’ configuration: [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_CREATESG

Unable to apply server group ’[chars]’ configuration: [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_SET_SERVER_ENTRY

Error while setting or unsetting a parameter in server entry: [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_SET_SERVER_ENTRY

Error while setting or unsetting a parameter in server entry: [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_SYSDBBIND

Failed to bind to SysDB at [chars]: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_SYSDBBIND

Failed to bind to SysDB at [chars]: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_TTY_IFH_PRESENT

Both ttyname ([chars]) and ifh ([hex]) are present in the message

Explanation In the AV pair message recieved from the radiusd clients should have either ttyname or interface handle, not both.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ERR_TTY_IFH_PRESENT

Both ttyname ([chars]) and ifh ([hex]) are present in the message

Explanation In the AV pair message recieved from the radiusd clients should have either ttyname or interface handle, not both.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-EVENT_ASYNC_ATTACH_FAIL_ERR

Failed to attach handler for async events: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-EVENT_ASYNC_ATTACH_FAIL_ERR

Failed to attach handler for async events: [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-IP_ADDR_TOO_LONG_ERR

IP address [chars] is too long ([dec])

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-IP_ADDR_TOO_LONG_ERR

IP address [chars] is too long ([dec])

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-LOCKING

Failed to obtain or release [chars] lock (error: [chars])

Explanation radiusd has either failed to obtain or release a lock.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-LOCKING

Failed to obtain or release [chars] lock (error: [chars])

Explanation radiusd has either failed to obtain or release a lock.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-MEMORY

Failed to malloc [unsigned int] bytes

Explanation radiusd has failed to allocate the required amount of memory.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-MEMORY

Failed to malloc [unsigned int] bytes

Explanation radiusd has failed to allocate the required amount of memory.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-MSG_ERROR

[chars]: [chars]

Explanation Error encountered while handling messages received by tacacsd.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-MSG_ERROR

[chars]: [chars]

Explanation Error encountered while handling messages received by tacacsd.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-MSG_SIZE_ERR

[chars]: size [dec] - [chars]

Explanation An internal error occurred

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-MSG_SIZE_ERR

[chars]: size %zd - [chars]

Explanation An internal error occurred

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-NOT_VSA

The specified attribute [dec] is a non-VSA radius attribute

Explanation Encountered a non VSA attribute.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-NOT_VSA

The specified attribute [dec] is a non-VSA radius attribute

Explanation Encountered a non VSA attribute.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-PARAMETER

[chars]

Explanation RADIUS was passed an invalid parameter.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-PARAMETER

[chars]

Explanation RADIUS was passed an invalid parameter.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-RIB_BIND_ERR

Binding to RIB failed: [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-RIB_BIND_ERR

Binding to RIB failed: [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-RIB_LOCAL_ADDRESS_ERR

NAS IP not found; address omitted: [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-RIB_LOCAL_ADDRESS_ERR

NAS IP not found; address omitted: [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-SERVER_MUTEX_INIT_FAILED

Failed to initialize mutex in radiusd

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-SERVER_MUTEX_INIT_FAILED

Failed to initialize mutex in radiusd

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-SETPRIO_FAILED

Changing priority failed [dec]

Explanation Attempt to change priority failed.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-SETPRIO_FAILED

Changing priority failed [dec]

Explanation Attempt to change priority failed.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-SHUTDOWN_ERROR

[chars]: [chars]

Explanation TACACS+ process failed to shutdown properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-SHUTDOWN_ERROR

[chars]: [chars]

Explanation TACACS+ process failed to shutdown properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-STARTUP_ERROR

[chars]: [chars]

Explanation TACACS+ process failed to startup properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-STARTUP_ERROR

[chars]: [chars]

Explanation TACACS+ process failed to startup properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR1

daemon VSA [dec] does not match type string in [chars].

Explanation VSA format error in daemon user config.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR1

daemon VSA [dec] does not match type string in [chars].

Explanation VSA format error in daemon user config.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR2

Parsing error on daemon VSA ’[chars]’ (no protocol or type field)

Explanation VSA format error in daemon user configuration.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR2

Parsing error on daemon VSA ’[chars]’ (no protocol or type field)

Explanation VSA format error in daemon user configuration.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR3

Parsing error on daemon VSA ’[chars]’ (no value field or invalid length)

Explanation VSA format error in daemon user configuration.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR3

Parsing error on daemon VSA ’[chars]’ (no value field or invalid length)

Explanation VSA format error in daemon user configuration.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR4

Parsing error on daemon VSA ’[chars]’, order number [dec] (not 0-254) is not supported

Explanation VSA format error in daemon user configuration.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR4

Parsing error on daemon VSA ’[chars]’, order number [dec] (not 0-254) is not supported

Explanation VSA format error in daemon user configuration.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR5

Parsing error on daemon VSA ’[chars]’ (invalid type field)

Explanation VSA format error in daemon user configuration.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR5

Parsing error on daemon VSA ’[chars]’ (invalid type field)

Explanation VSA format error in daemon user configuration.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_NOTFOUND

VSA [dec] ([chars]) not found in daemon-to-nas tables after string comparing

Explanation VSA not found in the deamon to NAS mapping table.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_NOTFOUND

VSA [dec] ([chars]) not found in daemon-to-nas tables after string comparing

Explanation VSA not found in the deamon to NAS mapping table.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_TABLE_ERROR

Table [chars] entry [dec] has inconsistent ignore flag and standard attribute type

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-VSA_TABLE_ERROR

Table [chars] entry [dec] has inconsistent ignore flag and standard attribute type

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-3-ZERO_TIMER_REPEATEDLY_EXPIRING_ERROR

[chars]: [dec] [dec]

Explanation The deadtimer expiry event repeatedly occured with a deadtime value of zero. This could lead to cpu hogging by radiusd process.

Recommended Action Restarting radiusd process should get around the problem.

Error Message %SECURITY-RADIUSD-3-ZERO_TIMER_REPEATEDLY_EXPIRING_ERROR

[chars]: [dec] [dec]

Explanation The deadtimer expiry event repeatedly occured with a deadtime value of zero. This could lead to cpu hogging by radiusd process.

Recommended Action Restarting radiusd process should get around the problem.

Error Message %SECURITY-RADIUSD-4-CERR_REGISTER

[chars]: [chars]

Explanation radiusd failed to register error codes.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-CERR_REGISTER

[chars]: [chars]

Explanation radiusd failed to register error codes.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-IFHANDLE_NULL

WARNING: Cannot obtain handle for the interface [chars]: [chars]

Explanation Error encountered while obtaining handle for the interface specified as the source interface.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-IFHANDLE_NULL

WARNING: Cannot obtain handle for the interface [chars]: [chars]

Explanation Error encountered while obtaining handle for the interface specified as the source interface.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-IP_ADDRESS_NOT_FOUND

WARNING: No IP address configured for [chars], using default address instead: [chars]

Explanation There is no IP address configured for the specified interface.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-IP_ADDRESS_NOT_FOUND

WARNING: No IP address configured for [chars], using default address instead: [chars]

Explanation There is no IP address configured for the specified interface.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-NO_IP_ADDRESS

WARNING: No IP address has been configured for [chars]

Explanation There is no IP address configured for the specified interface.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-NO_IP_ADDRESS

WARNING: No IP address has been configured for [chars]

Explanation There is no IP address configured for the specified interface.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-NOSUCH_INTF

WARNING: Specified source interface [chars] is not present: [chars]

Explanation The interface specified as source interface is not present.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-NOSUCH_INTF

WARNING: Specified source interface [chars] is not present: [chars]

Explanation The interface specified as source interface is not present.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-RADIUS_NOSERV

Warning: Server [chars]/[dec]/[dec] is not defined

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-RADIUS_NOSERV

Warning: Server [chars]/[dec]/[dec] is not defined

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-SRCINTF_NOTUP

WARNING: Specified source interface [chars] is not UP

Explanation The interface specified as source interface is not UP.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-4-SRCINTF_NOTUP

WARNING: Specified source interface [chars] is not UP

Explanation The interface specified as source interface is not UP.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-BAD_ATTR_LENGTH

Encountered bad attribute length [dec] (attr [dec]) while [chars], ignored

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-BAD_ATTR_LENGTH

Encountered bad attribute length [dec] (attr [dec]) while [chars], ignored

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-BAD_ATTR_TYPE

Encountered bad attribute type [dec] while [chars], ignored

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-BAD_ATTR_TYPE

Encountered bad attribute type [dec] while [chars], ignored

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_ACCT_ID

Cannot convert accounting task id to accounting session id: [chars]

Explanation Accounting task id is probably larger than 2^24 - 1

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_ACCT_ID

Cannot convert accounting task id to accounting session id: [chars]

Explanation Accounting task id is probably larger than 2^24 - 1

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_BAD_REPLY_ATTR

reply attr size equals [dec] not equal to sum of parts equals [dec]

Explanation The length of the reply attribute does not equal its parts.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_BAD_REPLY_ATTR

reply attr size equals [dec] not equal to sum of parts equals [dec]

Explanation The length of the reply attribute does not equal its parts.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_BAD_SESSID_ATTR

Using incorrect AAA attribute for RAD_ACCT_SESSID_ATTR [chars]

Explanation Check consistancy between radius_table and nas_to_daemon_av_table

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_BAD_SESSID_ATTR

Using incorrect AAA attribute for RAD_ACCT_SESSID_ATTR [chars]

Explanation Check consistancy between radius_table and nas_to_daemon_av_table

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_LEAFTIMER

Cannot allocate leaf timer - [chars]

Explanation None at this time

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_LEAFTIMER

Cannot allocate leaf timer - [chars]

Explanation None at this time

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_SOCKET_BIND_FAIL

Error in binding socket: [chars]

Explanation None at this time

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_SOCKET_BIND_FAIL

Error in binding socket: [chars]

Explanation None at this time

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_SOCKETFAIL

Error in opening socket: [chars]

Explanation None at this time

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-ERR_SOCKETFAIL

Error in opening socket: [chars]

Explanation None at this time

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-EVENT_CONN_DESTROY_FAILED

Event connection destroy failed while [chars]: [chars]

Explanation An internal software error occured

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-EVENT_CONN_DESTROY_FAILED

Event connection destroy failed while [chars]: [chars]

Explanation An internal software error occured

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-EVENT_CONN_INIT_FAILED

Failed to initialize event connection for [chars] (error: [chars])

Explanation An internal software error occured

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-EVENT_CONN_INIT_FAILED

Failed to initialize event connection for [chars] (error: [chars])

Explanation An internal software error occured

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-GOT_CISCO_VSA

Encountered a Cisco VSA while processing non Cisco VSAs

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-GOT_CISCO_VSA

Encountered a Cisco VSA while processing non Cisco VSAs

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-INTRFC_STATE_QUERY_FAILED

Cannot query state of interface [chars] (source interface not applied): [chars]

Explanation An internal software error occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-INTRFC_STATE_QUERY_FAILED

Cannot query state of interface [chars] (source interface not applied): [chars]

Explanation An internal software error occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-INVALID_AUTHOR_TYPE

Invalid authorization type [dec] encountered while [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-INVALID_AUTHOR_TYPE

Invalid authorization type [dec] encountered while [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-INVALID_VSA

Found invalid VSA attr [dec] while [chars], ignored

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-INVALID_VSA

Found invalid VSA attr [dec] while [chars], ignored

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-LEN_TOO_LONG

Length of attribute [chars] exceeds limit [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-LEN_TOO_LONG

Length of attribute [chars] exceeds limit [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-SNPRINTF_FAIL

snprintf failed while [chars]: [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-SNPRINTF_FAIL

snprintf failed while [chars]: [chars]

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-UNSUPPORTED_VENDOR

Found unsupported vendor id [dec] while [chars], ignored

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-6-UNSUPPORTED_VENDOR

Found unsupported vendor id [dec] while [chars], ignored

Explanation An internal software error has occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-7-GENERIC_ERROR

[chars]: [chars]

Explanation Generic error message used for internal debugging.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-RADIUSD-7-GENERIC_ERROR

[chars]: [chars]

Explanation Generic error message used for internal debugging.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

SAM Messages

Error Message %SECURITY-SAM-3-ERR_COPY_CRL

Error copying CRL from [chars] to [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_DEL_CA_CERT

Failed to delete CA certificate from SysDB [chars] during merge oper

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_FILE_MD5

Failed in MD5 operation for file: [chars], [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_INVALID_DEVICE

Invalid device name ’[chars]’

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_NO_DIGESTINDEX_VALUE

Installed file, [chars], does not have SAM index entry

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_NO_MEMORY

Out of memory

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_OPEN_FILE

Failed opening file: [chars], [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_REG_MSGNO

Could not register SAM_MSGNO message handler for message id [dec]: [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_RESTORE_LOG_ENCODE

Failed to encode bag for log entry [dec] during restore, [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_SYSDB_GET

Failed to get item [chars] in SysDB: [hex], [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_SYSDB_SET

Failed to set item [chars] in SysDB: [hex], [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-ERR_WR_FILE

Failed writing file : [chars], [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-WARN_NVRAM

NVRAM is not available, nvram process might have been down.

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-3-WARN_SPM

SPM is not available, [chars].

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-4-CAUGHT_SIGNAL

server terminating..

Explanation SAM server caught a signal, and terminated

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-4-NO_BACKUP_LOG

SAM log backup file is not present. [chars]

Explanation Backup file of SAM log is not present. The action taken is specified in the string

Recommended Action ’No action is required.’

Error Message %SECURITY-SAM-4-SYSDB_INTEGRITY

Cannot guarantee the integrity of SAM SysDB name space, SAM internal tables had been discarded, and will try to recover from backup files.

Explanation Found digest mistmatch for SAM’s SysDB name space, the SAM portion of SysDB had been deleted. If SAM backup files exists, this should not impact SAM’s functionality; otherwise, CA root certificate and CRL will be lost

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-4-WARN_CA_CERT_EXPIRED

SAM detects the CA certificate had expired, but accepted by user

Explanation SAM found the expired CA certificate in table had been accepted by user.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-4-WARN_CSS_CERT_EXPIRED

SAM detects the PIE certificate had expired, but accepted by user

Explanation SAM found the expired CSS certificate in table had been accepted by user.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-ERR_1_PARAM

[chars]

Explanation SAM general error message with one prameter.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-ERR_2_PARAM

[chars], [chars]

Explanation SAM general error message with two prameters.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-WARN_CHANGE_NOT_PERSISTENT

SAM found no ENA device with sufficient space to backup the modified SAM table, the change will not be persistent until a successful ENA installation on a flash device.

Explanation SAM found there is nowhere to backup the modified SAM table.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-WARN_DIGEST_FILE_MISSING

Secure digest file is not found, cannot guarantee the integrity of memory installed files.

Explanation SAM found digest file in NVRAM is missing, discard the memory packages.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-WARN_DIGEST_FILE_REINIT

Secure digest file not present, SAM will re-init the secure digest file

Explanation SAM found digest file missing from NVRAM, re-init the file.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-WARN_INIT_LOG_BACKUP_FILE

SAM failed to initialize log backup file

Explanation SAM failed to initalize log backup file in NVRAM, log entry not backed up

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-WARN_MEM_DIGEST

SAM will remove backup files for memory digest tables and users MUST re-install the memory packages.

Explanation SAM found MEM digest compare not successful, discard the memory packages.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-WARNING

[chars]

Explanation SAM general warning message.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-WARNING_INSECURE_FLASH_FILE

[chars] is detected insecure, backup not restored

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SAM-6-WARNING_UNMATCH_DIGEST

[chars] has been changed since last installed.

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

SANOS Messages

Error Message %SECURITY-SANOS-0-FW_ADMIN_EMERG

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-0-FW_APP_EMERG

[chars]: [dec]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-0-FW_KERNEL_EMERG

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-1-FW_ADMIN_ALERT

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-1-FW_APP_ALERT

[chars]: [dec]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-1-FW_KERNEL_ALERT

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-2-FW_ADMIN_CRIT

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-2-FW_APP_CRIT

[chars]: [dec]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-2-FW_KERNEL_CRIT

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-3-BOOT_LOAD_ERR

[chars]: [chars]

Explanation Details an error occurring in the boot sequence.

Recommended Action No action needs to be taken- this will be dealt with by the external image helper

Error Message %SECURITY-SANOS-3-CLOCK_UPDATE_FAIL

Failed to update the SanOS and X-Scale clocks

Explanation An Error occurred when trying to send clock update to SanOS. SanOS and X-Scale clocks will not be updated automatically. The main effect is on the time displayed in debug messages and in the SanOS/X-Scale syslog messages.

Recommended Action Reload the router.

Error Message %SECURITY-SANOS-3-EVENT

Event handler function [chars] failed: [chars]

Explanation A failure occurred when trying to use event handling.

Recommended Action There is something wrong with the event handling infra. This probably signifies something more serious, like the kernel failure.

Error Message %SECURITY-SANOS-3-FW_ADMIN_ERR

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-3-FW_APP_ERR

[chars]: [dec]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-3-FW_KERNEL_ERR

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-3-INIT

SanOS Driver initialisation failed: [chars]: [chars]

Explanation A failure occurred during the process startup of the SanOS Driver. This is most likely caused by a failure of some piece of infrastructure used by the SanOS Driver. The error message may give an indication of the root cause of the failure.

Recommended Action The process will be restarted by the System Manager - no further action is necessary. If the problem occurs repeatedly, copy the error message and gather the other necessary information, and call your Cisco technical support representative.

Error Message %SECURITY-SANOS-4-ATTACH_INIT

Error in initiating attach session: [chars]

Explanation A failure occurred when initiating an attach session

Recommended Action --

Error Message %SECURITY-SANOS-4-BOOT_IMAGE_ERR

[chars]

Explanation Details an error occurring in the image.

Recommended Action NIL- the system will deal with the error.

Error Message %SECURITY-SANOS-4-CONNECT

[chars]

Explanation A failure occurred when trying to use the connection infra.

Recommended Action There is something wrong with connection infra. Debug info should be collected.

Error Message %SECURITY-SANOS-4-FW_ADMIN_WARNING

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-4-FW_APP_WARNING

[chars]: [dec]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-4-FW_KERNEL_WARNING

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-4-IPCP

IPCP function [chars] failed, returning: [chars]

Explanation A failure occurred when trying to use IPCP.

Recommended Action This is only a warning. If this message occurs repeatedly, IPCP is broken. In this case, communication between the IOX core and the SanOS core may be down. A restart may be required.

Error Message %SECURITY-SANOS-4-IPCP_INVALID_ATTACH_MSG

Attach module Received an invalid message from IPCP: [chars]

Explanation Details an error occurring in message passing

Recommended Action If this message persists in occurring, there has been a bug in the X-blade core 1 or IPCP. However, it will not affect the running of the SanOS driver Thus no action is required.

Error Message %SECURITY-SANOS-4-IPCP_INVALID_SYSLOG_MSG

Syslog module received an invalid message from IPCP: [chars]

Explanation Details an error occurring in message passing

Recommended Action If this message persists in occurring, there has been a bug in the X-blade core 1 or IPCP. However, it will not affect the running of the SanOS driver Thus no action is required.

Error Message %SECURITY-SANOS-5-FW_ADMIN_NOTICE

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-5-FW_APP_NOTICE

[chars]: [dec]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-5-FW_KERNEL_NOTICE

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-6-BOOT_IMAGE_STATUS

[chars]

Explanation Details information about the image status.

Recommended Action No action needs to be taken.

Error Message %SECURITY-SANOS-6-BOOT_LOAD_STATUS

[chars]

Explanation Details information about the boot.

Recommended Action No action needs to be taken.

Error Message %SECURITY-SANOS-6-FW_ADMIN_INFO

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-6-FW_APP_INFO

[chars]: [dec]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-6-FW_KERNEL_INFO

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-7-FW_ADMIN_DEBUG

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-7-FW_APP_DEBUG

[chars]: [dec]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

Error Message %SECURITY-SANOS-7-FW_KERNEL_DEBUG

[chars]

Explanation See Manual

Recommended Action See Manual required_info: See Manual.

sIMP Messages

Error Message %SECURITY-sIMP-3-FATAL_ERR

[chars]

Explanation An internal software fatal error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-sIMP-4-ITI_WARN

[chars] [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-sIMP-4-MSG_WARN

[chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

SPM Messages

Error Message %SECURITY-SPM-3-ERR_CHAN_CONNECT

Message chan connect ([chars]) failed

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_ENTRY_FIND

Unable to find a delete entry for : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_INVALID_EVENT

SPM server received invalid event : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_MALLOC

Cannot allocate memory in function [chars]()

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_MSG_GEN

[chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_OPEN_SECURE

Error in opening secure file : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_PTHREAD_CREATE

pthread create error : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_PTHREAD_INIT

pthread attr init error : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_PTHREAD_SET

pthread set detach state error : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_PULSE_CODE

Unknown pulse code ([dec]) received

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_REG_HANDLER

Could not register async handlers : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_REG_MSG

Could not register SPM_MSGNO message handler for message id - [dec] : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_REPLY_FAIL

Could not reply to client message : [chars]

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SPM-3-ERR_TOKEN_MISMATCH

Delete file [chars] token mismatch

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

SSHD Messages

Error Message %SECURITY-SSHD-3-ERR_DETAILS

[chars] [chars] [chars]

Explanation Error description, client address, error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-3-ERR_ERRNO

[chars] [chars]

Explanation Error description, error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-3-ERR_GENERAL

[chars]

Explanation SSH encounterd some error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-3-ERR_MALLOC

Cannot allocate memory in function [chars]()

Explanation Internal error. System is out of memory - malloc failed.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-3-ERR_SYSDB_BIND

Cannot bind to sysdb in function [chars]()

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-3-ERR_SYSDB_DATALIST

Cannot get datalist in function [chars]()

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-3-ERR_SYSDB_DELETE

sysdb_item_delete failed for tuple [chars] in function [chars]()

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-3-ERR_SYSDB_PACK

Cannot pack tuple in function [chars]()

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-3-ERR_SYSDB_SET

sysdb_item_set failed for tuple [chars] in function [chars]()

Explanation Internal error.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-4-INFO_FAILURE

Failed authentication attempt by user ’[chars]’ from ’[chars]’ on ’[chars]’

Explanation SSH encountered authentication warning.

Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’

Error Message %SECURITY-SSHD-4-WARNING_LOGIN

The requested term-type ’[chars]’ is not supported

Explanation The sshd encountered a warning condition.

Recommended Action ’No action is required.’

Error Message %SECURITY-SSHD-6-INFO_GENERAL

[chars]

Explanation The sshd encountered some problem in genric nature or plain information.

Recommended Action ’No action is required.’

Error Message %SECURITY-SSHD-6-INFO_SUCCESS

Successfully authenticated user ’[chars]’ from ’[chars]’ on ’[chars]’(cipher ’[chars]’, mac ’[chars]’)

Explanation The sshd successful login information.

Recommended Action ’No action is required.’

Error Message %SECURITY-SSHD-6-INFO_SUCCESS_COMMAND

Successfully authenticated user ’[chars]’ from ’[chars]’ on ’[chars]’(cipher ’[chars]’, mac ’[chars]’, command ’[chars]’)

Explanation The sshd successful login information.

Recommended Action ’No action is required.’

TACACSD Messages

Error Message %SECURITY-TACACSD-3-BAG_ENCODE_ERR

Failed to encode bag information for ’[chars]’ - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-BAGS_UNREG_ERR

Failed to unregister bags - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-DEBUG_ERROR

[chars]: [chars]

Explanation Error encountered in debug module.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-EDM_INIT_ERR

Failed to register EDM - [chars]

Explanation Failed to start the EDM.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_ATTACH_SOCK

Not attaching event handler to socket [dec] - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_CONFIG_GLOBAL

Error while setting or unsetting TACACS+ [chars] configuration - [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_CONFIG_SERVER

Error while setting or unsetting [chars] in a server entry - [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_CREATE_SERVER_ENTRY

Cannot create a TACACS+ server entry - [chars]

Explanation Error occured while creating TACACS+ server entry.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_CREATE_SGSERVER

Unable to add the server ’[chars]’ to group ’[chars]’ - [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_CREATESG

Unable to create the server group ’[chars]’ - [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_DELETE_SGSERVER

Unable to delete the server ’[chars]’ from group ’[chars]’ - [chars]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_DELETESG

Unable to delete the server group ’[chars]’ - [chars]

Explanation A configuration error has occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-ERR_SYSDBBIND

Failed to bind to SysDB for path [chars] after [dec] retries

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-MEMORY

Failed to allocate [unsigned int] bytes while [chars]

Explanation tacacsd has failed to allocate the required amount of memory

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-MSG_ERROR

[chars]: [chars]

Explanation Error encountered while handling messages received by tacacsd.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-MSG_SIZE_ERR

[chars]: size %zd - [chars]

Explanation A message with illegal size was received or to be sent.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-PARAMETER

[chars]

Explanation An invalid argument was passed to either the tacacsd or one of its funtions.

Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-PROBE_THREAD_CREATE_FAILED

Unable to create thread to probe status of TACACS+ server [chars]/[dec]

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-SETPRIO_FAILED

Failed to change server priority - [chars]

Explanation Attempt to change priority failed.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-SHUTDOWN_ERROR

[chars]: [chars]

Explanation TACACS+ process failed to shutdown properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-3-STARTUP_ERROR

[chars]: [chars]

Explanation TACACS+ process failed to startup properly.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-4-CERR_REGISTER

[chars]: [chars]

Explanation tacacsd failed to register error codes.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-4-IFHANDLE_NULL

WARNING: Cannot obtain handle for the interface [chars]: [chars]

Explanation Error encountered while obtaining handle for the interface specified as the source interface.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-4-NO_IP_ADDRESS

WARNING: No IP address has been configured for [chars]

Explanation There is no IP address configured for the specified interface.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-4-NOSUCH_INTF

WARNING: Specified source interface [chars] is not present: [chars]

Explanation The interface specified as source interface is not present.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-4-SRCINTF_NOTUP

WARNING: Specified source interface [chars] is not UP

Explanation The interface specified as source interface is not UP.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-4-TACACS_NOSERV

Warning: Server [chars] is not configured

Explanation An internal software error occurred.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-4-WRONG_KEY

WARNING: Wrong key configured for the server [chars]/[dec]

Explanation Tacacs+ server key configured on the router is wrong.

Recommended Action Please configure correct key on the router for the tacacs+ server.

Error Message %SECURITY-TACACSD-6-NO_CMD

No valid command provided for [chars]

Explanation An internal software error occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-6-NULL_REQ

Encountered a NULL request pointer while [chars]

Explanation An internal software error occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-6-SERVER_DOWN

TACACS+ server [chars]/[dec] is DOWN - Socket [dec]: [chars]

Explanation TACACS+ server is unreachable or down.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-6-SERVER_UP

TACACS+ server [chars]/[dec] is UP

Explanation TACACS+ server is reachable or up.

Recommended Action This is a log info message to indicate that TACACS+ server is up and running. Its not an error condition.

Error Message %SECURITY-TACACSD-6-TIMEOUT_IGNORED

A time out event has been ignored for context key [chars] (session [hex])

Explanation An internal software error occured.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-TACACSD-7-GENERIC_ERROR

[chars]: [chars]

Explanation Error message for internal debugging purposes.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

VFW Messages

Error Message %SECURITY-VFW-3-FAA_FA_CB

Error processing service failure action change: [chars]

Explanation An error occurred in FAA or associated services whilst it was attempting to process the creation, update, or removal of default failure action configuration for a Virtual Firewall. More information on the course of the failure is contained in the message.

Recommended Action If the error message indicated that a lack of resource was to blame for this error, make more resource available on the indicated node, then restart the rspp_ma process on this node using the ’process restart’ command. Otherwise, roll back the configuration change, wait 10 seconds, then re-apply the configuration. If the error is still seen, restart the RSPP MA process on the node indicated using the ’process restart’ command.

Error Message %SECURITY-VFW-3-FMI_NETIO_DROPPED_PACKETS

Packets have been dropped in the FMI base capsulation, but no error counts could be updated ([chars]).

Explanation An error has occured during packet handling in the FMI base capsulation, and no error counters can be updated. If errors are seen for an extended period then it can be assumed that no packets can be forwarded through FMI interfaces. This is likely to be a symptom of a problem in the Packet Forwarding Infrastructure - earlier error messages might indicate the root cause of the problem.

Recommended Action If the errors stop after a couple of minutes while traffic is still flowing through the FMI then it can be assumed that the problem has resolved itself. If the problem continues, then unconfiguring and reconfiguring the FMI interfaces could fix the issue.

Error Message %SECURITY-VFW-3-FWC_AVL_DELETE_FAILED

The Firewall Controller failed to remove interface [chars] (firewall [chars]) from its database

Explanation A call into the IOS-XR AVL tree library failed. This may result in the firewall controller unexpectedly restarting after this message is seen.

Recommended Action If the process unexpectedly restarts, this will clear the problem; otherwise no further action is necessary to recover. In either case, please copy the message exactly as it appears on the console or in the system log, along with any subsequent messages relating to process restart and the information detailed below, and call your Cisco technical support representative.

Error Message %SECURITY-VFW-3-FWC_DB_CREATE_FAIL

The Firewall Controller failed to create an entry for [chars] [chars]%s[chars] in the [chars] database

Explanation The Firewall Controller has been informed of the existence of a new interface or firewall, but attempts to create an entry for it in the relevant database have failed. The most likely cause of this problem is a lack of memory. This will have left the system in an inconsistent state.

Recommended Action Try to add memory or free up some by removing configuration. Restart the Firewall Controller process using the ’prcoess restart’ mechanism.

Error Message %SECURITY-VFW-3-FWC_FWS_CFG_UPDATE_FAIL

The Firewall Controller failed to update configuration following [chars] of [chars] [chars]%s[chars]: [chars]

Explanation The Firewall Controller has been informed of an interface/firewall create/delete by the firewall application but has failed to update its configuration. This will have left the system in an inconsistent state.

Recommended Action Restart the Firewall Controller process using the ’process restart’ mechanism, the firewall controller should resynchronise.

Error Message %SECURITY-VFW-3-FWC_FWS_FW_NOTFOUND

The Firewall Controller failed to find firewall with id [unsigned int] in the firewall database

Explanation The Firewall Controller has been told to update firewall information as a result of a firewall state change but has been unable to find the firewall in the firewall database. This indicates that the system is in an inconsistent state.

Recommended Action Restart the Firewall Controller process using the ’process restart’ mechanism, the firewall controller should resynchronise

Error Message %SECURITY-VFW-3-FWC_INIT

Firewall controller initialisation failed: [chars]: [chars]

Explanation A failure occurred during the process startup of the firewall controller. This is most likely caused by a failure of some piece of infrastructure used by the firewall controller. The error message may give an indication of the root cause of the failure.

Recommended Action The process will be restarted by the System Manager - no further action is necessary. If the problem occurs repeatedly, copy the error message and gather the other necessary information, and call you Cisco technical support representative.

Error Message %SECURITY-VFW-3-FWC_INTF_FW_NOTFOUND

The Firewall Controller could not find the firewall with ID [unsigned int] for interface [chars] when removing diversions

Explanation The Firewall Controller has been informed of diversion removal for an interface, but found that the relevant firewall does not exist in the database. This error message indicates an inconsistency in the firewall database, which will cause the Firewall Controller process to restart.

Recommended Action The Firewall Controller will restart, no user intervention is required. If the problem persists, contact your Cisco technical support representative.

Error Message %SECURITY-VFW-3-FWC_SPU_CLEAR_FAIL

The Firewall Controller failed to write an invalid entry to the the SPU context table on firewall delete

Explanation The Firewall Controller’s attempt to set an invalid entry in the SPU context table following a firewall delete has failed. This will have left the system in an inconsistent state.

Recommended Action Restart the Firewall Controller process using the ’process restart’ mechanism.

Error Message %SECURITY-VFW-3-FWC_SSC_UPDATE_FAIL

The Firewall Controller failed to update the Service Director when [chars] [chars] [chars]%s[chars]: [chars]

Explanation The Firewall Controller’s attempt to inform the Service Director of a change to either interface/firewall state has failed. This will have left the system in an inconsistent state.

Recommended Action Restart the Firewall Controller process using the ’process restart’ mechanism.

Error Message %SECURITY-VFW-3-FWC_WAVL_DELETE_FAILED

The Firewall Controller failed to remove firewall [chars] from its database

Explanation A call into the IOS-XR WAVL tree library failed. This may result in the firewall controller unexpectedly restarting after this message is seen.

Recommended Action If the process unexpectedly restarts, this will clear the problem; otherwise no further action is necessary to recover. In either case, please copy the message exactly as it appears on the console or in the system log, along with any subsequent messages relating to process restart and the information detailed below, and call your Cisco technical support representative.

Error Message %SECURITY-VFW-3-FWM_INIT

Firewall manager initialisation failed: [chars]: [chars]

Explanation A failure occurred during the process startup of the firewall controller. This is most likely caused by a failure of some piece of infrastructure used by the firewall controller. The error message may give an indication of the root cause of the failure.

Recommended Action The process will be restarted by the System Manager - no further action is necessary. If the problem occurs repeatedly, copy the error message and gather the other necessary information, and call you Cisco technical support representative.

Error Message %SECURITY-VFW-4-EXITING

[chars] failed to notify SysMgr of intention to exit: [chars]

Explanation A failure occurred during shutdown of the specified process, and it was unable to notify the System Manager that it was about to exit. In rare cases, this could result in a failure by the System Manager to restart the process when it ought to do so.

Recommended Action If the process ought to be running and is not, then attempt to restart it using the ’process restart’ command. If this fails, deconfigure the process and re-enter the configuration.

Error Message %SECURITY-VFW-4-FWC_CONFIG_ERR

Firewall Controller failed to process configuration change for firewall [chars]: failed to [chars] default-interface: [chars]

Explanation An error occurred in the firewall controller whilst it was attempting to handle the default-interface configuration for the firewall specified in the message.

Recommended Action Roll back the configuration change, wait 10 seconds, then re-apply the configuration. If the error is still seen, restart the firewall controller process using the ’process restart’ command.

Error Message %SECURITY-VFW-4-FWC_EVENT_CONN_ERROR_FAIL

Firewall controller failed to reset ’[chars]’ connection: [chars]

Explanation After detecting an error with the connection to the specified service, the Firewall controller failed to reset that connection. This is an internal error. It requires a restart of the process for recovery.

Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.

Error Message %SECURITY-VFW-4-FWC_FMI_IFH_MISMATCH

The Firewall Controller saw an interface handle mismatch when updating FMI information for interface [chars] (firewall [chars]) in its database

Explanation The Firewall Controller has been informed of the creation of a Firewall Management Interface, but found that the interface handle for the interface differs from the handle in its database. This error message indicates an inconsistency in the firewall database, which may result in unexpected behaviour.

Recommended Action If this message is seen and the state of firewalls on the router does not match the expected state as a result of configuration, restart the Firewall Controller process using the ’process restart’ mechanism.

Error Message %SECURITY-VFW-4-FWC_FMI_INFO_UPDATE

The Firewall Controller [chars] FMI info already present when updating interface [chars] (firewall [chars]) in its database

Explanation The Firewall Controller has been informed of the creation of a Firewall Management Interface that already exists, or has received an update about a Firewall Management Interface that does not exist. This error message indicates an inconsistency in the firewall database, which may result in unexpected behaviour.

Recommended Action If this message is seen and the state of firewalls on the router does not match the expected state as a result of configuration, restart the Firewall Controller process using the ’process restart’ mechanism.

Error Message %SECURITY-VFW-4-FWC_FW_APP_BAD_VERSION

Firewall Controller received a message from the Firewall Application with an unexpected version: expected version [unsigned int], received version [unsigned int]

Explanation The Firewall Controller received a message from the Firewall Application with an unexpected version. This could indicate a mismatch in software versions between IOS-XR and the Firewall Application as a result of a software upgrade.

Recommended Action Ensure that compatible versions of the IOS-XR and Firewall Application software are installed. The problem may be cleared by rolling back any recent software install operations.

Error Message %SECURITY-VFW-4-FWC_FW_APP_RECV_FAILED

Failed to process a received message: [chars]

Explanation The Firewall Controller encountered an error while processing a message received from the Firewall Application, for example a corrupt message. As a result, some virtual firewalls may not operate correctly.

Recommended Action If some firewalls are not operating correctly after seeing this message, the system can be recovered by restarting the ’fwc’ process using the ’process restart’ command. If the error occurs repeatedly, contact your Cisco technical support representative.

Error Message %SECURITY-VFW-4-FWC_INTF_DB_INFO_ALREADY_SET

The Firewall Controller found [chars] already present when updating interface [chars] (firewall [chars]) in its database

Explanation If the interface ID is already present, the Firewall Controller has been informed of a Firewall Application interface create, but found that its database already contains the Firewall Application interface ID. If diversions were already present, the Firewall Controller has been informed of diversion creation for an interface, but found that its database already contains diversion information for the interface. This error message indicates an inconsistency in the firewall database, which may result in unexpected behaviour.

Recommended Action If this message is seen and the state of firewalls on the router does not match the expected state as a result of configuration, restart the Firewall Controller process using the ’process restart’ mechanism.

Error Message %SECURITY-VFW-4-FWC_INTF_IFH_MISMATCH

The Firewall Controller saw an interface handle mismatch when updating diversions for interface [chars] (firewall [chars]) in its database

Explanation The Firewall Controller has been informed of diversion creation for an interface, but found that the interface handle for the diversion differs from the handle in its database. This error message indicates an inconsistency in the firewall database, which may result in unexpected behaviour.

Recommended Action If this message is seen and the state of firewalls on the router does not match the expected state as a result of configuration, restart the Firewall Controller process using the ’process restart’ mechanism.

Error Message %SECURITY-VFW-4-FWC_REMOVE_ATTACHMENT

The Firewall Controller failed to remove an attachment for an interface in firewall [chars]

Explanation The Firewall Controller has tried to remove an attachment as a result of a notification from RSPP, but has failed to do so. This may result in inconsistent data in the firewall controller and unexpected behaviour.

Recommended Action If the firewall controller behaves unexpectedly, the problem may be resolved by restarting it using the ’process restart’ command.

Error Message %SECURITY-VFW-4-LOST_EVENT

Failed to receive an event: [chars]

Explanation The process failed to receive an event from the Operating System. As a result, some aspects of the process may fail to function correctly.

Recommended Action If erroneous behaviour is seen, restart the process using the ’process restart’ command.

Error Message %SECURITY-VFW-6-FMI_CONFLICTING_CONFIG

Two Firewall Management interfaces of the same type have been configured on the same firewall ([chars]).

Explanation Two Firewall Management interfaces of the same type (follow-active or follow-standby) have been configured on the specified firewall. Both of the interfaces will be brought down until the conflicting configuration is removed.

Recommended Action Remove the conflicting configuration from one of the Firewall Management interfaces.