Messages Listed by Severity Level

Table Of Contents

Messages Listed by Severity Level

Alert Messages, Severity 1

Critical Messages, Severity 2

Error Messages, Severity 3

Warning Messages, Severity 4

Notification Messages, Severity 5

Informational Messages, Severity 6

Debugging Messages, Severity 7


Messages Listed by Severity Level


This appendix contains the following sections:

Alert Messages, Severity 1

Critical Messages, Severity 2

Error Messages, Severity 3

Warning Messages, Severity 4

Notification Messages, Severity 5

Informational Messages, Severity 6

Debugging Messages, Severity 7


Note   PIX Firewall does not send severity 0, emergency messages to syslog. These are analogous to a UNIX panic message and denote an unstable system.


Alert Messages, Severity 1

The following messages appear at severity 1, alerts:

%PIX-1-101001: (Primary) Failover cable OK.

%PIX-1-101002: (Primary) Bad failover cable.

%PIX-1-101003: (Primary) failover cable not connected (this unit).

%PIX-1-101004: (Primary) failover cable not connected (other unit).

%PIX-1-101005: (Primary) Error reading failover cable status.

%PIX-1-102001: (Primary) Power failure/System reload other side.

%PIX-1-103001: (Primary) No response from other firewall.

%PIX-1-103002: (Primary) Other firewall network interface interface_number failed.

%PIX-1-103004: (Primary) Other firewall reports this firewall failed.

%PIX-1-103005: (Primary) Other firewall reporting failure.

%PIX-1-104001: Secondary: Switching to ACTIVE (cause: reason).

%PIX-1-104002: (Primary) Switching to STNDBY (cause: reason).

%PIX-1-104003: (Primary) Switching to FAILED.

%PIX-1-104004: (Primary) Switching to OK.

%PIX-1-105001: Disabling failover.

%PIX-1-105002: Enabling failover.

%PIX-1-105003: Monitoring on interface interface_number waiting.

%PIX-1-105004: Monitoring on interface interface_number normal.

%PIX-1-105005: Lost Failover communications with mate on interface interface_number.

%PIX-1-105006: Link status `Up' on interface interface_number.

%PIX-1-105007: Link status `Down' on interface interface_number.

%PIX-1-105008: Testing Interface interface_number.

%PIX-1-105009: Testing on interface interface_number result.

%PIX-1-105020: (Primary) Incomplete/slow config replication

%PIX-1-709003: (Primary) Beginning configuration replication: Send to mate.

%PIX-1-709004: (Primary) End Configuration Replication (ACT)

%PIX-1-709005: (Primary) Beginning configuration replication: Receiving from mate.

Critical Messages, Severity 2

The following messages appear at severity 2, critical:

%PIX-2-106001: Inbound TCP connection denied from IP_addr/port to IP_addr/port flags TCP_flags

%PIX-2-106002: protocol# Connection denied by outbound list list_ID src laddr/lport dest faddr/fport

%PIX-2-106003: Connection denied src laddr dest faddr due to JAVA Applet.

%PIX-2-106006: Deny inbound UDP from faddr/fport to laddr/lport

%PIX-2-106007: Deny inbound UDP from faddr/fport to laddr/lport due to DNS flag.

%PIX-2-106008: Translation for src_addr to dest_addr/dport denied by outbound (source is denied) chars

%PIX-2-106009: Translation for src_addr to dest_addr/dport denied by outbound (destination is denied) chars

%PIX-2-106012: Deny IP from IP_addr to IP_addr, IP options hex.

%PIX-2-106013: Dropping echo request from IP_addr to PAT address IP_Addr

%PIX-2-106016: Deny IP spoof from (IP_addr) to IP_addr

%PIX-2-106017: Packet contains ActiveX content and has been modified src IP_addr dest to IP_addr

%PIX-2-106018: ICMP packet type ICMP_type denied by outbound list list_ID src laddr dest faddr

%PIX-2-108002: SMTP replaced chars: out src_addr in laddr data: chars

%PIX-2-110003: No interface is configured (with nameif).

%PIX-2-112001: (chars:dec) pix clear finished.

%PIX-2-201003: Embryonic limit exceeded neconns/elimit for faddr/fport (gaddr) laddr/lport

Error Messages, Severity 3

The following messages appear at severity 3, errors:

%PIX-3-105010: (Primary) failover message block alloc failed

%PIX-3-106010: Deny inbound from outside: IP_addr to inside: IP_addr chars.

%PIX-3-106014: Deny inbound icmp src interface name: IP_addr dst interface name: IP_addr (type dec, code dec)

%PIX-3-109010: Auth from laddr/lport to faddr/fport failed (too many pending auths)

%PIX-3-110002: No ARP for host IP_addr

%PIX-3-201002: Too many connections on static|xlate gaddr! econns nconns

%PIX-3-201005: FTP data connection failed for IP_addr.

%PIX-3-201006: RCMD backconnection failed for IP_addr/port.

%PIX-3-201007: Unable to allocate new udp connections (faddr/fport-laddr/lport)

%PIX-3-201008: The PIX is disallowing new connections.

%PIX-3-202001: Out of address translation slots!

%PIX-3-202002: getxlate failed int_name.

%PIX-3-202003: Couldn't find xlate gaddr laddr dest_addr int_name int_name

%PIX-3-202004: Couldn't find xlate gaddr laddr dest_addr int_name

%PIX-3-202005: Non-embryonic in embryonic list faddr/fport laddr/lport

%PIX-3-203001: ESP Error: No Key SPI hex SRC IP_addr DEST IP_addr

%PIX-3-209001: IPFRAG: Unable to allocate frag record for src_addr/src_port to dest_addr/dest_port

%PIX-3-209002: IPFRAG: First Frag have not been seen src_addr to dest_addr

%PIX-3-210001: LU SW_Module_Name error = error_code

%PIX-3-210002: LU allocate block size failed.

%PIX-3-210003: Unknown LU Object ID

%PIX-3-210005: LU allocate connection failed

%PIX-3-210006: LU look NAT for IP_addr failed

%PIX-3-210007: LU allocate xlate failed

%PIX-3-210008: LU no xlate for laddr/l_port faddr/f_port

%PIX-3-210010: LU make UDP connection for faddr:f_port laddr:l_port failed

%PIX-3-210020: LU PAT port port_number reserve failed

%PIX-3-210021: LU create static xlate global_IP ifc int_name failed

%PIX-3-211001: Memory allocation Error

%PIX-3-212001: Unable to open SNMP channel (UDP port udp_port) on interface interface_number, error code = code

%PIX-3-212002: Unable to open SNMP trap channel (UDP port udp_port) on interface interface_number, error code = code

%PIX-3-212003: Unable to receive an SNMP request on interface interface_number, error code = code, will try again.

%PIX-3-212004: Unable to send an SNMP response to IP Address IP_addr Port port interface interface_number, error code = code

%PIX-3-302302: ACL = deny; no sa created

%PIX-3-304006: URL Server IP_addr not responding, trying IP_addr

%PIX-3-304007: URL Server IP_addr not responding, ENTERING ALLOW mode

%PIX-3-304008: LEAVING ALLOW mode, URL Server is up

%PIX-3-305005: No translation group found for protocol

%PIX-3-305006: type translation creation failed for protocol

%PIX-3-307001: Denied Telnet login session from IP_addr.

%PIX-3-309001: Denied manager connection from IP_addr.

%PIX-3-702301: lifetime expiring...

Warning Messages, Severity 4

The following messages appear at severity 4, warning:

%PIX-4-308002: static gaddr1 laddr1 netmask mask1 overlapped with gaddr2 laddr2

%PIX-4-402101: decaps: rec'd IPSEC packet has invalid spi for destaddr=ip-addr, prot=protocol, spi=spi

%PIX-4-402102: decapsulate: packet missing packet_type, destadr=dest_addr, actual prot=protocol

%PIX-4-402103: identity doesn't match negotiated identity...

%PIX-4-402106: Rec'd packet not an IPSEC packet...

Notification Messages, Severity 5

The following messages appear at severity 5, notifications:

%PIX-5-109011: Authen Session Start: user 'user', sid session_num

%PIX-5-109012: Authen Session End: user 'user', sid session_num, elapsed num_seconds seconds

%PIX-5-111001: Begin configuration: IP_addr writing to device

%PIX-5-111003: IP_addr erase configuration

%PIX-5-111004: IP_addr end configuration: [FAILED]|[OK]

%PIX-5-111005: IP_addr end configuration: OK

%PIX-5-111006: Console login from user at IP_addr

%PIX-5-111007: Begin configuration: IP_addr reading from device.

%PIX-5-111008: User 'user' executed the 'chars' command.

%PIX-5-199001: PIX reload command executed from IP_addr.

%PIX-5-304001: user src_addr Accessed JAVA URL|URL dest_addr: url.

%PIX-5-304002: Access denied URL chars SRC IP_addr DEST IP_addr: chars

Informational Messages, Severity 6

The following messages appear at severity 6, informational:

%PIX-6-106015: Deny TCP (no connection) from IP_addr/port to IP_addr/port flags.

%PIX-6-109001: Auth start for user `username' from laddr/lport to faddr/fport

%PIX-6-109002: Auth from laddr/lport to faddr/fport failed (server IP_addr failed)

%PIX-6-109003: Auth from laddr to faddr/fport failed (all servers failed)

%PIX-6-109005: Authentication succeeded for user `user' from laddr/lport to faddr/fport.

%PIX-6-109006: Authentication failed for user `user' from laddr/lport to faddr/fport.

%PIX-6-109007: Authorization permitted for user `user' from laddr/lport to faddr/fport.

%PIX-6-109008: Authorization denied for user `user' from faddr/fport to laddr/lport.

%PIX-6-109009: Authorization denied from laddr/lport to faddr/fport (not authenticated)

%PIX-6-199002: PIX startup completed. Beginning operation.

%PIX-6-199003: Reducing link MTU dec.

%PIX-6-199005: PIX Startup begin

%PIX-6-210022: LU missed number updates

%PIX-6-302001: Built inbound|outbound TCP connection id for faddr faddr/fport gaddr gaddr/gport laddr laddr/lport {username)

%PIX-6-302002: Teardown TCP connection id for faddr IP_addr/port gaddr IP_addr/port laddr IP_addr/port {username)

%PIX-6-302003: Built H245 connection for faddr faddr/fport laddr laddr/lport

%PIX-6-302004: Pre-allocate H323 UDP backconnection for faddr faddr/fport to laddr laddr/port

%PIX-6-302005: Built UDP connection for faddr faddr/fport gaddr gaddr/gport laddr laddr/lport

%PIX-6-302006: Teardown UDP connection for faddr faddr/fport gaddr gaddr/gport laddr laddr/lport

%PIX-6-302009: Rebuilt TCP connection id for faddr faddr/fport gaddr gaddr/gport laddr laddr/lport

%PIX-6-302010: conns in use, conns most used

%PIX-6-303002: src_addr Stored|Retrieved dest_addr: nat_addrs

%PIX-6-304004: URL Server IP_addr request failed URL chars

%PIX-6-305001: Portmapped translation built for gaddr IP_addr/port laddr IP_addr/port

%PIX-6-305002: Translation built for gaddr IP_addr to laddr IP_addr

%PIX-6-305003: Teardown translation for global IP_addr local IP_addr

%PIX-6-305004: Teardown portmap translation for global IP_addr/port local IP_addr/port

%PIX-6-305007: Orphan IP IP_addr on interface interface_number

%PIX-6-307002: Permitted Telnet login session from IP_addr.

%PIX-6-307003: telnet login session failed from IP_addr (num attempts).

%PIX-6-308001: PIX console enable password incorrect for num tries (from IP_addr).

%PIX-6-309002: Permitted manager connection from IP_addr.

%PIX-6-311001: LU loading standby start

%PIX-6-311002: LU loading standby end

%PIX-6-311003: LU recv thread up

%PIX-6-311004: LU xmit thread up

%PIX-6-602101: PMTU-D packet packet_length bytes greater than effective mtu mtu_value dest_addr=dest_ip, src_addr=source_ip, prot=protocol

%PIX-6-602102: Adjusting IPSec tunnel mtu...

%PIX-6-602301: sa created...

%PIX-6-602302: deleting sa...

Debugging Messages, Severity 7

The following messages appear at severity 7, debugging:

%PIX-7-106011: Deny inbound (no xlate) chars

%PIX-7-109014: uauth_lookup_net fail for uauth_in()

%PIX-7-304005: URL Server IP_addr request pending URL chars

%PIX-7-701001: alloc_user() out of Tcp_user objects

%PIX-7-702302: replay rollover detected...

%PIX-7-702303: sa_request...

%PIX-7-709001: FO replication failed: cmd=chars returned=chars

%PIX-7-709002: FO unreplicable: cmd=chars

%PIX-7-709006: (Primary) End Configuration Replication (STB)