User's Manual
Appendix J Log descriptions 299
BCM50a Integrated Router Configuration — Advanced
VPN responder IPSec log
Figure 137 shows a typical log from the VPN connection peer.
Figure 137 Example VPN responder IPSec log
This menu is useful for troubleshooting. A log index number, the date and time
the log was created, and a log message are displayed.
Table 75 shows sample log messages during IKE key exchange.
Index: Date/Time: Log:
------------------------------------------------------------
001 01 Jan 08:08:07 Recv Main Mode request from <192.168.100.100>
002 01 Jan 08:08:07 Recv:<SA>
003 01 Jan 08:08:08 Send:<SA>
004 01 Jan 08:08:08 Recv:<KE><NONCE>
005 01 Jan 08:08:10 Send:<KE><NONCE>
006 01 Jan 08:08:10 Recv:<ID><HASH>
007 01 Jan 08:08:10 Send:<ID><HASH>
008 01 Jan 08:08:10 Phase 1 IKE SA process done
009 01 Jan 08:08:10 Recv:<HASH><SA><NONCE><ID><ID>
010 01 Jan 08:08:10 Start Phase 2: Quick Mode
011 01 Jan 08:08:10 Send:<HASH><SA><NONCE><ID><ID>
012 01 Jan 08:08:10 Recv:<HASH>
Clear IPSec Log (y/n):
Note: Double exclamation marks (!!) denote an error or warning
message.
Note: A PYLD_MALFORMED packet usually means that the two ends
of the VPN tunnel are not using the same pre-shared key.