Link to home
Start Free TrialLog in
Avatar of it-kourt
it-kourtFlag for United States of America

asked on

How to setup Watchguard Mobile VPN with SSL to connect to network resources?

I am trying to setup Mobile VPN with SSL for remote users.  I configured authentication using AD and Mobile VPN with SSL.  I can connect to the firebox but I do not have access to any network resources.
Avatar of dpk_wal
dpk_wal
Flag of India image

You should have a policy in which you grant access to SSL-VPN-users; also, while you configured SSL VPN you would have either checked Force all traffic or specific allowed resources.

If you are using version 10.x of WSM then "Allow SSL VPN-Users" policy would be created by default.

Please check and update.

Thank you.
Avatar of it-kourt

ASKER

I am running WSM 10.2.7 and "Allow SSL VPN=Users" policy was created by default.  When I open the policy it shows:
from: SSL VPN-Users(Active Directory) to: Any
And under Mobile VPN, SSL "Force all client traffic through tunnel" is checked.

I also created a AD Group SSLVPN-Users group and added this object to all users that are allowed to access remotely.
Please edit the auto-generated policy and enable logging for all enabled/denied packets in Properties tab. When the remote user connects and send traffic I would like you to monitor traffic monitor and see what logs you see.
Another thing I would like to verify is what is the IP subnet of the client, is it same as the virtual IP sibnet; if yes then this would cause problem and we would need to change the IP subnet at one of the ends.

Please check and update.

Thank you.
IP subnet of SSL-VPN is 192.168.100.0/24
172.16.151.0/24 is main site
192.168.3.0/24 is branch office PTP T1 Private Network
192.168.2.0/24 is extranet
192.168.222.0/24 is a branch office WG edge
192.168.4.0/24 is a branch office WG edge
10.146.40.0/24 is extranet

2009-02-22 21:24:13 Allow 172.16.151.252 193.0.0.193 dns/udp 59410 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" rc="100"       Traffic
2009-02-22 21:24:13 Allow 172.16.151.252 217.169.119.68 dns/udp 59410 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:13 Allow 172.16.151.252 193.0.0.196 dns/udp 64553 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10027" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 200.33.146.204 dns/udp 62964 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10007" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 192.5.6.32 dns/udp 61207 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10010" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 65.68.49.6 dns/udp 52286 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 204.152.184.64 dns/udp 58701 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 194.204.0.1 dns/udp 50072 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10008" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.213 124.239.86.239 8000/tcp 4476 8000 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" tcpinfo="offset 7 S 2832597991 win 65535" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 192.36.125.2 dns/udp 49747 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 193.227.196.3 dns/udp 57714 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10028" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 192.5.6.32 dns/udp 64651 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10011" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 151.203.0.86 dns/udp 64726 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 193.0.0.196 dns/udp 60565 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10029" rc="100"       Traffic
2009-02-22 21:24:14 Deny 95.84.132.57 205.238.249.55 10089/udp 57838 10089 0-External Firebox denied 134 109 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:14 wgcgi_bin 21953----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:14 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:14 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:14 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542197690] msg_id="0F02-0007"       Debug
2009-02-22 21:24:14 wgcgi_bin CLI comand: show log-cache sequence 5301348725542197690 msg_id="0F02-0011"       Debug
2009-02-22 21:24:14 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.HL8exR -o /tmp/cli_output.OXxlt0 msg_id="0F02-0015"       Debug
2009-02-22 21:24:14 Allow 172.16.151.58 116.227.35.212 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:24:15 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:15 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:15 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=93cc109b 4300604b r=6202c8a6 e171e447 msg_id="0203-5059"       Debug
2009-02-22 21:24:16 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542197690 msg_id="0F02-0012"       Debug
2009-02-22 21:24:16 wgcgi_bin 21953----stop msg_id="0F00-0002"       Debug
2009-02-22 21:24:16 Allow 172.16.151.252 64.251.27.193 dns/udp 51696 53 1-Lancaster 0-External allowed, idle timeout=15 sec 80 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10004" rc="100"       Traffic
2009-02-22 21:24:16 Allow 172.16.151.252 8.10.120.245 dns/udp 49458 53 1-Lancaster 0-External allowed, idle timeout=15 sec 74 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:16 Allow 172.16.151.252 8.10.120.245 dns/udp 60106 53 1-Lancaster 0-External allowed, idle timeout=15 sec 74 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10010" rc="100"       Traffic
2009-02-22 21:24:17 Deny 80.221.31.213 205.238.249.55 13425/udp 35809 13425 0-External Firebox denied 131 109 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:17 Deny 89.137.118.214 205.238.249.55 10387/udp 20452 10387 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:18 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:18 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:18 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=93cc109b 4300604b r=88215750 3c576438 msg_id="0203-5059"       Debug
2009-02-22 21:24:18 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:18 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:18 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:19 Allow 172.16.151.252 202.12.29.59 dns/udp 63567 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" rc="100"       Traffic
2009-02-22 21:24:19 Deny 212.118.142.7 205.238.249.55 13425/udp 60623 13425 0-External Firebox denied 126 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:19 Allow 172.16.151.252 62.149.114.7 dns/udp 50755 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10008" rc="100"       Traffic
2009-02-22 21:24:19 Deny 76.226.147.177 205.238.249.55 10404/udp 53443 10404 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:19 Allow 172.16.151.252 212.118.133.101 dns/udp 50755 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10010" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 202.12.29.59 dns/udp 64263 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 192.42.93.30 dns/udp 61879 53 1-Lancaster 0-External allowed, idle timeout=15 sec 60 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 91.190.112.251 dns/udp 64723 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 202.12.29.59 dns/udp 55785 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10022" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 193.19.192.3 dns/udp 59170 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10005" rc="100"       Traffic
2009-02-22 21:24:20 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:20 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:20 Allow 172.16.151.58 86.55.202.72 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10012" rc="100"       Traffic
2009-02-22 21:24:21 Deny 117.47.31.92 205.238.249.55 13420/udp 10077 13420 0-External Firebox denied 126 106 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:21 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:24:21 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:24:21 Deny 221.202.85.184 205.238.249.55 10402/udp 15220 10402 0-External Firebox denied 90 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:21 wgcgi_bin 22009----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:21 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:21 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:21 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542197897] msg_id="0F02-0007"       Debug
2009-02-22 21:24:21 wgcgi_bin CLI comand: show log-cache sequence 5301348725542197897 msg_id="0F02-0011"       Debug
2009-02-22 21:24:21 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.NpWFYm -o /tmp/cli_output.VRNGNl msg_id="0F02-0015"       Debug
2009-02-22 21:24:22 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:24:22 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:24:22 Allow 172.16.151.13 204.141.57.100 https/tcp 3130 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" tcpinfo="offset 6 S 20762624 win 5840" rc="100"       Traffic
2009-02-22 21:24:22 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:22 Allow 172.16.151.13 204.141.57.100 https/tcp 3130 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" tcpinfo="offset 5 AR 20762693 win 0" rc="100"       Traffic
2009-02-22 21:24:23 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542197897 msg_id="0F02-0012"       Debug
2009-02-22 21:24:23 wgcgi_bin 22009----stop msg_id="0F00-0002"       Debug
2009-02-22 21:24:24 Deny 85.217.232.228 205.238.249.55 10507/udp 12712 10507 0-External Firebox denied 131 108 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:24 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:24 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:24 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:24 Allow 172.16.151.13 204.141.57.101 https/tcp 3131 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" tcpinfo="offset 6 S 30117888 win 5840" rc="100"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.13 204.141.57.101 https/tcp 3131 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" tcpinfo="offset 5 AR 30117957 win 5788" rc="100"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.13 204.141.57.101 https/tcp 3131 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" tcpinfo="offset 5 R 30117957 win 0" rc="100"       Traffic
2009-02-22 21:24:25 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:24:25 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:24:25 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:25 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:25 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d70bf8f9 12104fda r=11f77adc 317275d5 msg_id="0203-5059"       Debug
2009-02-22 21:24:25 Allow 172.16.151.252 204.152.184.64 dns/udp 64028 53 1-Lancaster 0-External allowed, idle timeout=15 sec 70 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.252 62.42.230.135 dns/udp 55327 53 1-Lancaster 0-External allowed, idle timeout=15 sec 70 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10031" rc="100"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.252 202.12.28.140 dns/udp 49848 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10067" rc="100"       Traffic
2009-02-22 21:24:25 Deny 99.243.240.120 205.238.249.55 10404/udp 49497 10404 0-External Firebox denied 131 115 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.252 193.0.0.193 dns/udp 54777 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10023" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 213.47.222.133 dns/udp 55313 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10006" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 199.191.128.106 dns/udp 56077 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10011" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 192.26.92.30 dns/udp 62869 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10008" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 205.178.190.39 dns/udp 49977 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10068" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 205.178.152.46 dns/udp 58650 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" rc="100"       Traffic
2009-02-22 21:24:27 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:27 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:27 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d70bf8f9 12104fda r=4f740f4b e5e4f3f8 msg_id="0203-5059"       Debug
2009-02-22 21:24:28 Allow 172.16.151.250 199.191.128.106 dns/udp 56273 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10012" rc="100"       Traffic
2009-02-22 21:24:28 Allow 172.16.151.250 192.43.172.30 dns/udp 56804 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" rc="100"       Traffic
2009-02-22 21:24:28 Allow 172.16.151.250 205.178.190.39 dns/udp 60155 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10069" rc="100"       Traffic
2009-02-22 21:24:28 Allow 172.16.151.250 205.178.152.46 dns/udp 60693 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10022" rc="100"       Traffic
2009-02-22 21:24:28 wgcgi_bin 22066----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:28 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:28 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:28 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542197938] msg_id="0F02-0007"       Debug
2009-02-22 21:24:28 wgcgi_bin CLI comand: show log-cache sequence 5301348725542197938 msg_id="0F02-0011"       Debug
2009-02-22 21:24:28 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.W4bTer -o /tmp/cli_output.UtpKng msg_id="0F02-0015"       Debug
2009-02-22 21:24:28 Deny 71.82.107.17 205.238.249.55 22332/udp 59420 22332 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:29 Deny 116.14.223.18 205.238.249.55 13657/udp 53537 13657 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:30 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542197938 msg_id="0F02-0012"       Debug
2009-02-22 21:24:30 wgcgi_bin 22066----stop msg_id="0F00-0002"       Debug
2009-02-22 21:24:30 Allow 172.16.151.252 205.178.190.39 dns/udp 53325 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10070" rc="100"       Traffic
2009-02-22 21:24:30 Allow 172.16.151.252 205.178.144.39 dns/udp 58023 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:30 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:30 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:30 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d70bf8f9 12104fda r=629394bd e4beeea8 msg_id="0203-5059"       Debug
2009-02-22 21:24:31 Allow 172.16.151.250 205.178.144.39 dns/udp 59165 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10010" rc="100"       Traffic
2009-02-22 21:24:32 Allow 172.16.151.250 205.178.144.39 dns/udp 55237 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10011" rc="100"       Traffic
2009-02-22 21:24:32 Deny 116.14.223.18 205.238.249.55 10206/udp 53537 10206 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:33 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:33 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:33 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d70bf8f9 12104fda r=5e95239a 23b7fe37 msg_id="0203-5059"       Debug
2009-02-22 21:24:33 Allow 172.16.151.14 12.149.218.73 https/tcp 2895 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" tcpinfo="offset 6 S 124043264 win 5840" rc="100"       Traffic
2009-02-22 21:24:34 Allow 172.16.151.14 12.149.218.73 https/tcp 2895 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" tcpinfo="offset 5 AR 124043333 win 5788" rc="100"       Traffic
2009-02-22 21:24:34 Allow 172.16.151.14 12.149.218.73 https/tcp 2895 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" tcpinfo="offset 5 R 124043333 win 0" rc="100"       Traffic
2009-02-22 21:24:34 wan 657955785 1770675826 unix_time="1235355874.87327"       Stats
2009-02-22 21:24:34 tunnel 57112 263288 unix_time="1235355874.87327"       Stats
2009-02-22 21:24:34 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:34 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:34 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:34 Allow 172.16.151.112 220.255.168.174 24484/tcp 1413 24484 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10033" tcpinfo="offset 7 S 2306318158 win 65535" rc="100"       Traffic
2009-02-22 21:24:35 Deny 116.14.223.18 205.238.249.55 10143/udp 53537 10143 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:35 wgcgi_bin 22122----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:35 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:35 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:35 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542197979] msg_id="0F02-0007"       Debug
2009-02-22 21:24:35 wgcgi_bin CLI comand: show log-cache sequence 5301348725542197979 msg_id="0F02-0011"       Debug
2009-02-22 21:24:35 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.FHbJtm -o /tmp/cli_output.Sczy91 msg_id="0F02-0015"       Debug
2009-02-22 21:24:35 Deny 24.226.153.176 205.238.249.55 10143/udp 12559 10143 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:36 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:24:36 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:24:36 Allow 172.16.151.252 61.177.95.106 dns/udp 55557 53 1-Lancaster 0-External allowed, idle timeout=15 sec 66 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10023" rc="100"       Traffic
2009-02-22 21:24:36 Allow 172.16.151.213 124.239.86.239 8000/tcp 4477 8000 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" tcpinfo="offset 7 S 1405661417 win 65535" rc="100"       Traffic
2009-02-22 21:24:36 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542197979 msg_id="0F02-0012"       Debug
2009-02-22 21:24:36 wgcgi_bin 22122----stop msg_id="0F00-0002"       Debug
2009-02-22 21:24:36 Deny 72.77.13.12 205.238.249.55 14750/udp 52267 14750 0-External Firebox denied 131 107 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:36 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:36 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:37 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:24:37 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:24:37 Deny 62.68.96.34 205.238.249.55 10376/udp 12668 10376 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:37 Deny 123.218.155.59 205.238.249.55 14192/udp 13990 14192 0-External Firebox denied 129 108 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:38 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:39 Deny 82.60.18.4 205.238.249.55 10147/udp 62117 10147 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:39 Deny 74.7.129.38 205.238.249.55 13425/udp 43224 13425 0-External Firebox denied 131 108 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:40 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:24:40 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:24:40 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:40 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:40 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=4d1b5e17 efd51305 r=933d56ff 4869ccc1 msg_id="0203-5059"       Debug
2009-02-22 21:24:40 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:40 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:40 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:41 iked Received a keepalive_request message from 207.255.24.68:500 msg_id="0203-5066"       Debug
2009-02-22 21:24:41 iked  Sending keepalive_ack message to 207.255.24.68:500 msg_id="0203-5060"       Debug
2009-02-22 21:24:41 Allow 172.16.151.58 12.196.165.254 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10013" rc="100"       Traffic
2009-02-22 21:24:42 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:42 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:42 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=4d1b5e17 efd51305 r=ed7ae610 6f5ec9bc msg_id="0203-5059"       Debug
2009-02-22 21:24:42 wgcgi_bin 22179----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:42 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:42 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:42 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542198010] msg_id="0F02-0007"       Debug
2009-02-22 21:24:42 wgcgi_bin CLI comand: show log-cache sequence 5301348725542198010 msg_id="0F02-0011"       Debug
2009-02-22 21:24:42 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.1nb2ky -o /tmp/cli_output.XExce4 msg_id="0F02-0015"       Debug
2009-02-22 21:25:45 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:45 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:45 wgcgi_bin 23314----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:45 wgcgi_bin CMM cmd 1_203 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd resp is RS0       834         1   203                                                                   (num-if=I:8)(if-counter-list=(=(if-index=I:0)(denied-packets=S:93781)(counters=(=S:0)(=S:1948857)(=S:27833)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:1)(denied-packets=S:40)(counters=(=S:2335016)(=S:0)(=S:104091)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:2)(denied-packets=S:66)(counters=(=S:26835)(=S:109694)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:3)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:4)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:5)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:6)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:7)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:45 wgcgi_bin 23314----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:45 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:25:45 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:25:45 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=f7e49e5b 80707ee6 r=f62d2ac7 d61c8ebb msg_id="0203-5059"       Debug
2009-02-22 21:25:45 wgcgi_bin 23316----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:45 wgcgi_bin CMM cmd 4_831 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd resp is RS0       61          4   831                                                                   (mode=I:0)(drop-in-mode=I:0)(ip=S:0.0.0.0)(netmask=S:0.0.0.0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:45 wgcgi_bin 23316----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:45 wgcgi_bin 23317----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw CMM command (111 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:45 wgcgi_bin CMM cmd 4_100 [(info-type=I:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:45   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4 new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4"       Debug
2009-02-22 21:25:45 wgcgi_bin 23317----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:45 wgcgi_bin 23342----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw SNMP command (192 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin 23342----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:45 wgcgi_bin 23343----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw SNMP command (226 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin 23343----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:46 wgcgi_bin 23344----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:46 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:46 wgcgi_bin Handling raw SNMP command (216 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:46 wgcgi_bin 23344----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:46 wgcgi_bin 23345----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:46 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:46 wgcgi_bin Handling raw CMM command (108 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:46 wgcgi_bin CMM cmd 4_971 [(vlanId=I:0)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:46 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:46 wgcgi_bin cmm/cmd resp is RS0       19          4   971                                                                   (vlan-info-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:46 wgcgi_bin 23345----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:46 wgcgi_bin 23346----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:46 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:46 wgcgi_bin Handling raw SNMP command (75 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:46 wgcgi_bin 23346----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:46 wgcgi_bin 23348----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:46 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:46 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:46 wgcgi_bin CMM cmd 4_525 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:46 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:46   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A.""       Debug
2009-02-22 21:25:46 wgcgi_bin 23348----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 wgcgi_bin 23349----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 4_134 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009  new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009 "       Debug
2009-02-22 21:25:47 wgcgi_bin 23349----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 wgcgi_bin 23350----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 4_961 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd resp is RS0       215         4   961                                                                   (ike-policy-group-num=I:4)(ike-policy-group-list=(=(id=S:1)(name=S:Cisco_MAS)(num=S:1))(=(id=S:2)(name=S:Edge_Altoona)(num=S:1))(=(id=S:3)(name=S:Edge_Harrisburg)(num=S:0))(=(id=S:4)(name=S:Reliance_Bank)(num=S:0))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 wgcgi_bin 23350----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 wgcgi_bin 23351----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 2_505 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 cmm_server  switch: MSG_ID_PCY_GET_ALL_ACTIVE_USERS        Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd resp is RS0       8           2   505                                                                   (users=). msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 wgcgi_bin 23351----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 wgcgi_bin 23352----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 2_585 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 cmm_server  MSG_ID_PCY_GET_SSLVPN_TUNNEL_LIST        Debug
2009-02-22 21:25:47 sslvpn[9704]  MANAGEMENT: Client connected from 127.0.0.1:7505        Debug
2009-02-22 21:25:47 sslvpn[9704]  MANAGEMENT: Client disconnected        Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd resp is RS0       191         2   585                                                                   (num=I:1)(tunnel-list=(=(user=S:drreim)(real-ip=S:173.67.138.199)(real-port=S:63289)(virtual-ip=S:192.168.100.2)(logon-time=S:Sun:Feb:22:21:25:36:2009)(send-bytes=S:4017)(recv-Bytes=S:3514))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 wgcgi_bin 23352----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 Allow 172.16.151.13 12.149.218.73 https/tcp 3140 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10038" tcpinfo="offset 6 S 101101568 win 5840" rc="100"       Traffic
2009-02-22 21:25:47 wgcgi_bin 23361----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 2_582 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 cmm_server  switch: MSG_ID_PCY_GET_PPTP_TUNNEL        Debug
2009-02-22 21:25:47 Allow 172.16.151.13 12.149.218.73 https/tcp 3140 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10038" tcpinfo="offset 5 AR 101101637 win 0" rc="100"       Traffic
2009-02-22 21:25:47 wgcgi_bin 23375----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (179 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 1_1 [(id=S:status)(challenge=S:2afTDcN3WHwH00yXnw9uYNCUUCWozuDoa+J2Sy92W7mL2r4356+7Hg==)(src_ip=S:172.16.151.58)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 Allow 81.161.192.4 205.238.249.55 http/tcp 32840 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2152202240 win 65535" rc="100"       Traffic
2009-02-22 21:25:48 Allow 81.161.192.4 205.238.249.55 http/tcp 32840 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2152202241 win 0" rc="100"       Traffic
2009-02-22 21:25:48 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:25:48 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:25:48 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=f7e49e5b 80707ee6 r=8925cb6f dafca398 msg_id="0203-5059"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd resp is RS0       9           2   582                                                                   (num=S:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 wgcgi_bin 23361----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:48 cmm_server status logged in from 172.16.151.58 msg_id="0100-0531"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd resp is RS0       381         1   1                                                                     (sid=S:1711103916)(response=S:5rGcpN4xplTvEif0khh4kkD2kyl5AV+rgm0GWBdZ4PsCR7nV/5eNayZ6Ndk0Elx2)(e_right=(account_admin=I:1)(sys_config=I:1)(pcy_backup=I:1)(log_backup=I:1)(pcy_config=I:1)(alarm_setup=I:1)(alarm_clear=I:1)(rt_monitor=I:1))(b_right=(account_admin=I:1)(sys_config=I:1)(pcy_backup=I:1)(log_backup=I:1)(pcy_config=I:1)(alarm_setup=I:1)(alarm_clear=I:2)(rt_monitor=I:1))^_. msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 wgcgi_bin 23375----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:48 wgcgi_bin 23379----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:48 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:48 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:48 wgcgi_bin CMM cmd 4_201 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd resp is RS0       186         4   201                                                                   (name=S:FireboxX750e)(contact=S:David Reim)(location=S:Plum Street)(version=S:10.2)(package=S:Firebox X750e)(sn=S:9085506255E37)(feature=S:1)(patch=S:7)(no_interface=I:8)(no_policy=I:28). msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 wgcgi_bin 23379----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:48 Allow 172.16.151.252 192.5.6.32 dns/udp 54229 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" rc="100"       Traffic
2009-02-22 21:25:48 wgcgi_bin 23380----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:48 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:48 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:48 wgcgi_bin CMM cmd 4_525 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:48   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A.""       Debug
2009-02-22 21:25:48 wgcgi_bin 23380----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:48 Allow 172.16.151.252 192.42.93.30 dns/udp 55014 53 1-Lancaster 0-External allowed, idle timeout=15 sec 65 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10032" rc="100"       Traffic
2009-02-22 21:25:48 wgcgi_bin 23381----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:48 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:48 wgcgi_bin Handling raw CMM command (111 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:48 wgcgi_bin CMM cmd 4_100 [(info-type=I:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4 new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4"       Debug
2009-02-22 21:25:49 wgcgi_bin 23381----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 Allow 172.16.151.252 134.241.1.3 dns/udp 49730 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10046" rc="100"       Traffic
2009-02-22 21:25:49 wgcgi_bin 23406----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw SNMP command (570 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin 23406----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23407----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CLI command (107 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:25:49 wgcgi_bin CLI cmd 4_331 [cfm counter] msg_id="0F02-0007"       Debug
2009-02-22 21:25:49 wgcgi_bin CLI comand: cfm counter msg_id="0F02-0011"       Debug
2009-02-22 21:25:49 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.HNamFi -o /tmp/cli_output.KbxJQh msg_id="0F02-0015"       Debug
2009-02-22 21:25:49 wgcgi_bin 23409----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_831 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       61          4   831                                                                   (mode=I:0)(drop-in-mode=I:0)(ip=S:0.0.0.0)(netmask=S:0.0.0.0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23409----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 Allow 192.168.3.51 192.168.3.1 netbios-ns/udp 137 137 2-Williamsport Firebox allowed, idle timeout=15 sec 78 128 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:49 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:49 wgcgi_bin 23439----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (108 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_971 [(vlanId=I:0)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       19          4   971                                                                   (vlan-info-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23439----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23461----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_134 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009  new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009 "       Debug
2009-02-22 21:25:49 wgcgi_bin 23461----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 Allow 172.16.151.13 204.141.57.100 https/tcp 3141 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" tcpinfo="offset 6 S 107208704 win 5840" rc="100"       Traffic
2009-02-22 21:25:49 wgcgi_bin 23462----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 1_202 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       522         1   202                                                                   (total_in_byte=S:2790863827)(total_in_packet=S:6715997)(total_out_byte=S:3354440646)(total_out_packet=S:6431802)(ipsec_byte=S:320400)(ipsec_packet=S:2355)(no_stream=S:6001)(no_active_stream=S:239)(no_sa=S:1)(max_sa=S:8000)(pub_status=I:1)(pvt_status=I:1)(dmz_status=I:1)(dmz2_status=I:0)(sys_up_time=S:1039539)(sys_time=S:Sun Feb 22 21:25:49 2009 )(cpu_util_5=S:9.99)(no_blocked_ips=S:0)(max_blocked_ips=I:0)(total-denied-packets=S:93887)(total-auth-users=S:1)(log-server-ip=S:172.16.151.58)(log-server-status=S:Connected). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23462----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 Allow 172.16.151.13 204.141.57.100 https/tcp 3141 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" tcpinfo="offset 5 AR 107208773 win 5788" rc="100"       Traffic
2009-02-22 21:25:49 Allow 172.16.151.13 204.141.57.100 https/tcp 3141 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" tcpinfo="offset 5 R 107208773 win 0" rc="100"       Traffic
2009-02-22 21:25:49 proxy[12600] received UDS event to='rd/dev/cfm0' msg_id="0F02-0150"       Debug
2009-02-22 21:25:49 proxy[12600] received UDS command='counter' id=[17767] from='dev/client.23432' msg_id="0F02-0153"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23432' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti new_msg=" pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23432' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti"       Debug
2009-02-22 21:25:49 wgcgi_bin 23465----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 2_505 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  switch: MSG_ID_PCY_GET_ALL_ACTIVE_USERS        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       8           2   505                                                                   (users=). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23465----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23466----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_961 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       215         4   961                                                                   (ike-policy-group-num=I:4)(ike-policy-group-list=(=(id=S:1)(name=S:Cisco_MAS)(num=S:1))(=(id=S:2)(name=S:Edge_Altoona)(num=S:1))(=(id=S:3)(name=S:Edge_Harrisburg)(num=S:0))(=(id=S:4)(name=S:Reliance_Bank)(num=S:0))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23466----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23467----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:1)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: Tunnel_to_MAS, 1, 0        Debug
2009-02-22 21:25:49 cmm_server  num_active_local_remote_pairs=1        Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: 0, 0, 0, 0        Debug
2009-02-22 21:25:49 cmm_server  more = 0        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       563         4   962                                                                   (active-local-remote-pair-num=I:1)(active-local-remote-pair-list=(=(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(send-bytes=S:0)(send-packets=S:0)(recv-bytes=S:0)(recv-packets=S:0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(create-time=S:1235252942)(key=S:Auto \(IKE\))(security=S:ESP-3DES-SHA1)(total-tunnels=S:1)(total-active-tunnels=S:0)(tunnel-list=(tunnel-id=S:1)))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23467----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23468----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (146 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_963 [(tunnel-list-num=I:1)(tunnel-list=(tunnel-id=S:1))] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1198        4   963                                                                   (total-tunnels=I:1)(total-active-tunnels=I:0)(tunnel-list=(=(status=I:0)(ike-policy-id=S:1)(ike-policy-name=S:Cisco_MAS)(ike-policy-gorup-id=S:1)(ike-policy-group-name=S:Cisco_MAS)(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:67.113.165.100)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235252942)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(tunnel-id=S:1)(life-size=S:0)(life-time=S:1727990)(accu-time=S:91)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:1081387220)(i-remain-time=S:1235252942)(i-sa-bytes=S:0)(i-sa-packets=S:0)(i-total-bytes=S:0)(i-total-packets=S:0)( new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1198        4   963                                                                   (total-tunnels=I:1)(total-active-tunnels=I:0)(tunnel-list=(=(status=I:0)(ike-policy-id=S:1)(ike-policy-name=S:Cisco_MAS)(ike-policy-gorup-id=S:1)(ike-policy-group-name=S:Cisco_MAS)(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:67.113.165.100)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235252942)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(tunnel-id=S:1)(life-size=S:0)(life-time=S:1727990)(accu-time=S:91)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:1081387220)(i-remain-time=S:1235252942)(i-sa-bytes=S:0)(i-sa-packets=S:0)(i-total-bytes=S:0)(i-total-packets=S:0)("       Debug
2009-02-22 21:25:49 wgcgi_bin 23468----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23469----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: Tunnel_to_Altoona, 3, 1        Debug
2009-02-22 21:25:49 cmm_server  num_active_local_remote_pairs=1        Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: 263288, 0, 57112, 0        Debug
2009-02-22 21:25:49 cmm_server  more = 0        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       613         4   962                                                                   (active-local-remote-pair-num=I:1)(active-local-remote-pair-list=(=(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(send-bytes=S:263288)(send-packets=S:1878)(recv-bytes=S:57112)(recv-packets=S:477)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(create-time=S:1235252943)(key=S:Auto \(IKE\))(security=S:ESP-3DES-SHA1)(total-tunnels=S:3)(total-active-tunnels=S:1)(tunnel-list=(tunnel-id=S:4)(tunnel-id=S:2)(tunnel-id=S:3)))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23469----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23470----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (176 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_963 [(tunnel-list-num=I:3)(tunnel-list=(tunnel-id=S:4)(tunnel-id=S:2)(tunnel-id=S:3))] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       3579        4   963                                                                   (total-tunnels=I:3)(total-active-tunnels=I:1)(tunnel-list=(=(status=I:1)(ike-policy-id=S:3)(ike-policy-name=S:Edge_Altoona)(ike-policy-gorup-id=S:2)(ike-policy-group-name=S:Edge_Altoona)(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:207.255.24.68)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235342814)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(tunnel-id=S:4)(life-size=S:0)(life-time=S:86390)(accu-time=S:13135)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:2024577307)(i-remain-time=S:1235342814)(i-sa-bytes=S:7552)(i-sa-packets=S:63)(i-total-bytes=S:7552)(i- new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       3579        4   963                                                                   (total-tunnels=I:3)(total-active-tunnels=I:1)(tunnel-list=(=(status=I:1)(ike-policy-id=S:3)(ike-policy-name=S:Edge_Altoona)(ike-policy-gorup-id=S:2)(ike-policy-group-name=S:Edge_Altoona)(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:207.255.24.68)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235342814)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(tunnel-id=S:4)(life-size=S:0)(life-time=S:86390)(accu-time=S:13135)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:2024577307)(i-remain-time=S:1235342814)(i-sa-bytes=S:7552)(i-sa-packets=S:63)(i-total-bytes=S:7552)(i-"       Debug
2009-02-22 21:25:49 wgcgi_bin 23470----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23471----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:3)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: risburg, -805365692, 2        Debug
2009-02-22 21:25:49 cmm_server  num_active_local_remote_pairs=0        Debug
2009-02-22 21:25:49 cmm_server  more = 0        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       34          4   962                                                                   (active-local-remote-pair-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23471----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23472----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:4)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: _Bank, -805365692, 2        Debug
2009-02-22 21:25:49 cmm_server  num_active_local_remote_pairs=0        Debug
2009-02-22 21:25:49 cmm_server  more = 0        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       34          4   962                                                                   (active-local-remote-pair-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23472----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23473----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 2_582 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  switch: MSG_ID_PCY_GET_PPTP_TUNNEL        Debug
2009-02-22 21:25:49 Allow 81.161.192.4 205.238.249.55 http/tcp 64 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 4194304 win 65535" rc="100"       Traffic
2009-02-22 21:25:50 wgcgi_bin Found prompt and submitted command: cfm counter msg_id="0F02-0012"       Debug
2009-02-22 21:25:50 wgcgi_bin 23407----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:50 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:50 wgcgi_bin cmm/cmd resp is RS0       9           2   582                                                                   (num=S:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 wgcgi_bin 23473----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:50 Deny 70.49.87.147 205.238.249.55 10263/udp 35706 10263 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:50 wgcgi_bin 23489----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:50 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:50 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:50 wgcgi_bin CMM cmd 2_585 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:50 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 cmm_server  MSG_ID_PCY_GET_SSLVPN_TUNNEL_LIST        Debug
2009-02-22 21:25:50 sslvpn[9704]  MANAGEMENT: Client connected from 127.0.0.1:7505        Debug
2009-02-22 21:25:50 sslvpn[9704]  MANAGEMENT: Client disconnected        Debug
2009-02-22 21:25:50 wgcgi_bin cmm/cmd resp is RS0       191         2   585                                                                   (num=I:1)(tunnel-list=(=(user=S:drreim)(real-ip=S:173.67.138.199)(real-port=S:63289)(virtual-ip=S:192.168.100.2)(logon-time=S:Sun:Feb:22:21:25:36:2009)(send-bytes=S:4017)(recv-Bytes=S:3514))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 wgcgi_bin 23489----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:50 wgcgi_bin 23498----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:50 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:50 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:50 wgcgi_bin CMM cmd 1_3 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:50 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 cmm_server status logged out msg_id="0100-0532"       Debug
2009-02-22 21:25:50 wgcgi_bin cmm/cmd resp is RS0       0           1   3                                                                     . msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 wgcgi_bin 23498----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:50 Deny 78.178.30.92 205.238.249.55 10376/udp 33652 10376 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:51 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:25:51 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:25:52 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:25:52 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:25:52 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:52 wgcgi_bin 23501----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:52 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:52 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:52 wgcgi_bin CMM cmd 1_603 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:52 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:52   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       330         1   603                                                                   (haRemoteStatus=S:1074305372)(hasEnabled=S:0)(isHaMaster=S:0)(model=S:Firebox X750e)(version=S:10.2)(patch=S:7)(location=S:Plum Street)(contact=S:David Reim)(serialNumber=S:9085506255E37)(policyVersion=S:1235355737)(pubPortStatus=S:1)(privPortStatus=S:1)(dmzPortStatus=S:1)(dmz2PortStatus=S:0)(usingCpmProfile=I:0)(nextSeqNum=I:1)g_ý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       330         1   603                                                                   (haRemoteStatus=S:1074305372)(hasEnabled=S:0)(isHaMaster=S:0)(model=S:Firebox X750e)(version=S:10.2)(patch=S:7)(location=S:Plum Street)(contact=S:David Reim)(serialNumber=S:9085506255E37)(policyVersion=S:1235355737)(pubPortStatus=S:1)(privPortStatus=S:1)(dmzPortStatus=S:1)(dmz2PortStatus=S:0)(usingCpmProfile=I:0)(nextSeqNum=I:1)g_ý^A.""       Debug
2009-02-22 21:25:52 wgcgi_bin 23501----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:52 Deny 85.229.243.10 205.238.249.55 10376/udp 48872 10376 0-External Firebox denied 131 104 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:52 wgcgi_bin 23504----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:52 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:52 wgcgi_bin Handling raw SNMP command (70 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:52 wgcgi_bin 23504----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:52 Deny 125.160.96.162 205.238.249.55 10203/udp 16948 10203 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:52 wgcgi_bin 23505----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:52 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:52 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:52 wgcgi_bin CMM cmd 4_211 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:52 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:52 wgcgi_bin cmm/cmd resp is RS0       138         4   211                                                                   (location=S:Plum Street)(systemContact=S:David Reim)(year=I:2009)(month=I:2)(day=I:22)(hour=I:21)(minute=I:25)(second=I:52)(timeZone=I:11). msg_id="0F00-0051"       Debug
2009-02-22 21:25:52 wgcgi_bin 23505----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:52 Deny 82.234.157.112 205.238.249.55 14750/udp 50828 14750 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:52 Allow 192.168.3.52 192.168.3.1 netbios-ns/udp 137 137 2-Williamsport Firebox allowed, idle timeout=15 sec 96 128 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:52 Allow 192.168.3.1 192.168.3.52 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.52 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:52 Deny 79.165.237.162 205.238.249.55 22332/udp 33351 22332 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:52 Allow 81.161.192.4 205.238.249.55 http/tcp 64 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 4194305 win 0" rc="100"       Traffic
2009-02-22 21:25:52 Allow 172.16.151.252 192.42.93.30 dns/udp 54482 53 1-Lancaster 0-External allowed, idle timeout=15 sec 68 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10033" rc="100"       Traffic
2009-02-22 21:25:53 Allow 172.16.151.252 192.207.56.1 dns/udp 52699 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10088" rc="100"       Traffic
2009-02-22 21:25:53 Allow 81.161.192.4 205.238.249.55 http/tcp 6 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 393216 win 65535" rc="100"       Traffic
2009-02-22 21:25:53 Allow 81.161.192.4 205.238.249.55 http/tcp 6 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 393217 win 0" rc="100"       Traffic
2009-02-22 21:25:54 Allow 192.168.3.1 192.168.3.52 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.52 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:54 Deny 190.71.155.50 205.238.249.55 13420/udp 14687 13420 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:55 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:25:55 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:25:55 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:55 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:55 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:55 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:25:55 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:25:55 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=b617bd99 a5ab2c8e r=cadd47df cd91e8fd msg_id="0203-5059"       Debug
2009-02-22 21:25:55 wgcgi_bin 23508----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:55 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:55 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:55 wgcgi_bin CMM cmd 4_201 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd resp is RS0       186         4   201                                                                   (name=S:FireboxX750e)(contact=S:David Reim)(location=S:Plum Street)(version=S:10.2)(package=S:Firebox X750e)(sn=S:9085506255E37)(feature=S:1)(patch=S:7)(no_interface=I:8)(no_policy=I:28). msg_id="0F00-0051"       Debug
2009-02-22 21:25:55 wgcgi_bin 23508----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:55 Allow 192.168.3.1 192.168.3.52 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.52 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:55 wgcgi_bin 23509----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:55 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:55 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:55 wgcgi_bin CMM cmd 1_603 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:55   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       330         1   603                                                                   (haRemoteStatus=S:1074305372)(hasEnabled=S:0)(isHaMaster=S:0)(model=S:Firebox X750e)(version=S:10.2)(patch=S:7)(location=S:Plum Street)(contact=S:David Reim)(serialNumber=S:9085506255E37)(policyVersion=S:1235355737)(pubPortStatus=S:1)(privPortStatus=S:1)(dmzPortStatus=S:1)(dmz2PortStatus=S:0)(usingCpmProfile=I:0)(nextSeqNum=I:1)g_ý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       330         1   603                                                                   (haRemoteStatus=S:1074305372)(hasEnabled=S:0)(isHaMaster=S:0)(model=S:Firebox X750e)(version=S:10.2)(patch=S:7)(location=S:Plum Street)(contact=S:David Reim)(serialNumber=S:9085506255E37)(policyVersion=S:1235355737)(pubPortStatus=S:1)(privPortStatus=S:1)(dmzPortStatus=S:1)(dmz2PortStatus=S:0)(usingCpmProfile=I:0)(nextSeqNum=I:1)g_ý^A.""       Debug
2009-02-22 21:25:55 wgcgi_bin 23509----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:55 Allow 81.161.192.4 205.238.249.55 http/tcp 238 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 15597568 win 65535" rc="100"       Traffic
2009-02-22 21:25:55 wgcgi_bin 23512----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:55 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:55 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:55 wgcgi_bin CMM cmd 1_202 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd resp is RS0       522         1   202                                                                   (total_in_byte=S:2790911019)(total_in_packet=S:6716327)(total_out_byte=S:3354550952)(total_out_packet=S:6432131)(ipsec_byte=S:320400)(ipsec_packet=S:2355)(no_stream=S:6007)(no_active_stream=S:244)(no_sa=S:1)(max_sa=S:8000)(pub_status=I:1)(pvt_status=I:1)(dmz_status=I:1)(dmz2_status=I:0)(sys_up_time=S:1039545)(sys_time=S:Sun Feb 22 21:25:55 2009 )(cpu_util_5=S:9.99)(no_blocked_ips=S:0)(max_blocked_ips=I:0)(total-denied-packets=S:93894)(total-auth-users=S:1)(log-server-ip=S:172.16.151.58)(log-server-status=S:Connected). msg_id="0F00-0051"       Debug
2009-02-22 21:25:55 wgcgi_bin 23512----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:55 Allow 81.161.192.4 205.238.249.55 http/tcp 238 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 15597569 win 0" rc="100"       Traffic
2009-02-22 21:25:55 Deny 99.17.237.99 205.238.249.55 10263/udp 32557 10263 0-External Firebox denied 131 115 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:56 wgcgi_bin 23514----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:56 wgcgi_bin CMM cmd 4_604 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:56   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       2814        4   604                                                                   (activeFeature=(=(feature=S:VIP_LB)(type=I:1)(capacity=S:0)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:QOS)(type=I:1)(capacity=S:100)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:MUVPN_USER)(type=I:1)(capacity=S:50)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:HA)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:BOVPN_TUNNEL)(type=I:1)(capacity=S:100)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:3DES)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:OSPF)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:LIVESECURITY)(type=I:1)(capacity=S:1)(status=I:2)(expiration=S:1235192400)(comment=S:))(=(feature=S:FIREWARE)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:AUTH_DOMAIN)(type=I:1)(capacity= new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       2814        4   604                                                                   (activeFeature=(=(feature=S:VIP_LB)(type=I:1)(capacity=S:0)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:QOS)(type=I:1)(capacity=S:100)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:MUVPN_USER)(type=I:1)(capacity=S:50)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:HA)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:BOVPN_TUNNEL)(type=I:1)(capacity=S:100)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:3DES)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:OSPF)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:LIVESECURITY)(type=I:1)(capacity=S:1)(status=I:2)(expiration=S:1235192400)(comment=S:))(=(feature=S:FIREWARE)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:AUTH_DOMAIN)(type=I:1)(capacity="       Debug
2009-02-22 21:25:56 wgcgi_bin 23514----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:56 wgcgi_bin 23515----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:56 wgcgi_bin CMM cmd 1_203 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd resp is RS0       834         1   203                                                                   (num-if=I:8)(if-counter-list=(=(if-index=I:0)(denied-packets=S:93789)(counters=(=S:0)(=S:1948940)(=S:27835)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:1)(denied-packets=S:40)(counters=(=S:2335122)(=S:0)(=S:104092)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:2)(denied-packets=S:66)(counters=(=S:26837)(=S:109696)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:3)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:4)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:5)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:6)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:7)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 wgcgi_bin 23515----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:56 wgcgi_bin 23517----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:56 wgcgi_bin CMM cmd 4_831 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd resp is RS0       61          4   831                                                                   (mode=I:0)(drop-in-mode=I:0)(ip=S:0.0.0.0)(netmask=S:0.0.0.0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 wgcgi_bin 23517----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:56 wgcgi_bin 23519----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw CMM command (111 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:56 wgcgi_bin CMM cmd 4_100 [(info-type=I:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 Allow 220.255.168.174 205.238.249.55 10546/tcp 24484 10546 0-External 1-Lancaster RST received 40 239 (Outgoing-00)  dst_ip_nat="172.16.151.87" dst_port_nat="1386" tcpinfo="offset 5 AR 0 win 0" rc="100"       Traffic
2009-02-22 21:25:56   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4 new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4"       Debug
2009-02-22 21:25:56 wgcgi_bin 23519----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:56 wgcgi_bin 23544----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw SNMP command (192 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin 23544----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 wgcgi_bin 23545----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw SNMP command (226 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin 23545----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 Deny 207.216.248.192 205.238.249.55 10203/udp 32988 10203 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:57 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:57 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:57 wgcgi_bin 23546----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw SNMP command (216 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin 23546----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:25:57 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:25:57 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=b617bd99 a5ab2c8e r=38d5961a b2080f5c msg_id="0203-5059"       Debug
2009-02-22 21:25:57 wgcgi_bin 23547----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw CMM command (108 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:57 wgcgi_bin CMM cmd 4_971 [(vlanId=I:0)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:57 wgcgi_bin cmm/cmd resp is RS0       19          4   971                                                                   (vlan-info-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:57 wgcgi_bin 23547----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 dhcpd  DHCPINFORM from 192.168.3.55 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:57 wgcgi_bin 23548----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw SNMP command (75 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin 23548----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 wgcgi_bin 23549----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:57 wgcgi_bin CMM cmd 4_525 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:57   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A.""       Debug
2009-02-22 21:25:57 wgcgi_bin 23549----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 wgcgi_bin 23550----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 4_134 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009  new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009 "       Debug
2009-02-22 21:25:58 wgcgi_bin 23550----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 Allow 172.16.151.14 204.141.57.101 https/tcp 2901 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10029" tcpinfo="offset 6 S 201162752 win 5840" rc="100"       Traffic
2009-02-22 21:25:58 wgcgi_bin 23551----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 4_961 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd resp is RS0       215         4   961                                                                   (ike-policy-group-num=I:4)(ike-policy-group-list=(=(id=S:1)(name=S:Cisco_MAS)(num=S:1))(=(id=S:2)(name=S:Edge_Altoona)(num=S:1))(=(id=S:3)(name=S:Edge_Harrisburg)(num=S:0))(=(id=S:4)(name=S:Reliance_Bank)(num=S:0))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 wgcgi_bin 23551----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 Allow 172.16.151.14 204.141.57.101 https/tcp 2901 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10029" tcpinfo="offset 5 AR 201162821 win 5788" rc="100"       Traffic
2009-02-22 21:25:58 Allow 172.16.151.14 204.141.57.101 https/tcp 2901 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10029" tcpinfo="offset 5 R 201162821 win 0" rc="100"       Traffic
2009-02-22 21:25:58 wgcgi_bin 23552----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 2_505 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 cmm_server  switch: MSG_ID_PCY_GET_ALL_ACTIVE_USERS        Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd resp is RS0       8           2   505                                                                   (users=). msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 wgcgi_bin 23552----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 wgcgi_bin 23554----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 2_585 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 cmm_server  MSG_ID_PCY_GET_SSLVPN_TUNNEL_LIST        Debug
2009-02-22 21:25:58 sslvpn[9704]  MANAGEMENT: Client connected from 127.0.0.1:7505        Debug
2009-02-22 21:25:58 sslvpn[9704]  MANAGEMENT: Client disconnected        Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd resp is RS0       191         2   585                                                                   (num=I:1)(tunnel-list=(=(user=S:drreim)(real-ip=S:173.67.138.199)(real-port=S:63289)(virtual-ip=S:192.168.100.2)(logon-time=S:Sun:Feb:22:21:25:36:2009)(send-bytes=S:4068)(recv-Bytes=S:3563))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 wgcgi_bin 23554----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 wgcgi_bin 23563----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 2_582 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 cmm_server  switch: MSG_ID_PCY_GET_PPTP_TUNNEL        Debug
2009-02-22 21:25:59 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:59 Allow 81.161.192.4 205.238.249.55 http/tcp 43536 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2853175296 win 65535" rc="100"       Traffic
2009-02-22 21:25:59 Allow 81.161.192.4 205.238.249.55 http/tcp 43536 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2853175297 win 0" rc="100"       Traffic
2009-02-22 21:25:59 Deny 68.52.236.114 205.238.249.55 10387/udp 39065 10387 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:59 Allow 172.16.151.58 207.206.239.17 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10023" rc="100"       Traffic
2009-02-22 21:25:59 wgcgi_bin cmm/cmd resp is RS0       9           2   582                                                                   (num=S:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:59 wgcgi_bin 23563----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:00 wgcgi_bin 23577----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:00 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:00 wgcgi_bin Handling raw CLI command (107 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:00 wgcgi_bin CLI cmd 4_331 [cfm counter] msg_id="0F02-0007"       Debug
2009-02-22 21:26:00 wgcgi_bin CLI comand: cfm counter msg_id="0F02-0011"       Debug
2009-02-22 21:26:00 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.UjkaIS -o /tmp/cli_output.vfvzbC msg_id="0F02-0015"       Debug
2009-02-22 21:26:00 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:00 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:00 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=b617bd99 a5ab2c8e r=7aa9d173 a07b32c9 msg_id="0203-5059"       Debug
2009-02-22 21:26:00 proxy[12600] received UDS event to='rd/dev/cfm0' msg_id="0F02-0150"       Debug
2009-02-22 21:26:00 proxy[12600] received UDS command='counter' id=[17767] from='dev/client.23601' msg_id="0F02-0153"       Debug
2009-02-22 21:26:00   pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23601' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti new_msg=" pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23601' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti"       Debug
2009-02-22 21:26:00 Allow 172.16.151.250 199.93.44.45 dns/udp 49172 53 1-Lancaster 0-External allowed, idle timeout=15 sec 76 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10023" rc="100"       Traffic
2009-02-22 21:26:00 Deny 83.198.227.82 205.238.249.55 14192/udp 20277 14192 0-External Firebox denied 126 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:00 Allow 172.16.151.79 65.55.184.253 http/tcp 1162 80 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" tcpinfo="offset 7 S 2618997992 win 65535" rc="100"       Traffic
2009-02-22 21:26:00 Allow 172.16.151.79 65.55.184.253 http/tcp 1162 80 1-Lancaster 0-External RST received 40 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" tcpinfo="offset 5 AR 2618999614 win 0" rc="100"       Traffic
2009-02-22 21:26:01 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:01 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:01 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:01 proxy[12600] received UDS event to='rd/dev/cfm0' msg_id="0F02-0150"       Debug
2009-02-22 21:26:01 proxy[12600] received UDS command='counter' id=[17767] from='dev/client.23677' msg_id="0F02-0153"       Debug
2009-02-22 21:26:01   pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23677' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti new_msg=" pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23677' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti"       Debug
2009-02-22 21:26:01 wgcgi_bin Found prompt and submitted command: cfm counter msg_id="0F02-0012"       Debug
2009-02-22 21:26:01 wgcgi_bin 23577----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:01 wgcgi_bin 23722----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:01 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:01 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:01 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542198046] msg_id="0F02-0007"       Debug
2009-02-22 21:26:01 wgcgi_bin CLI comand: show log-cache sequence 5301348725542198046 msg_id="0F02-0011"       Debug
2009-02-22 21:26:01 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.GvcORq -o /tmp/cli_output.4BQ3j8 msg_id="0F02-0015"       Debug
2009-02-22 21:26:01 Deny 89.218.218.90 205.238.249.55 10376/udp 63922 10376 0-External Firebox denied 131 113 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:01 dhcpd  DHCPINFORM from 192.168.3.55 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:01 Allow 81.161.192.4 205.238.249.55 http/tcp 92 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 6029312 win 65535" rc="100"       Traffic
2009-02-22 21:26:02 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542198046 msg_id="0F02-0012"       Debug
2009-02-22 21:26:02 wgcgi_bin 23722----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:03 Deny 71.226.251.128 205.238.249.55 16081/udp 25348 16081 0-External Firebox denied 131 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:03 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:03 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:03 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=b617bd99 a5ab2c8e r=13a12fd4 25585581 msg_id="0203-5059"       Debug
2009-02-22 21:26:03 Deny 147.63.5.27 205.238.249.55 2001/udp 13061 2001 0-External Firebox denied 52 237 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:04 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:04 Allow 172.16.151.250 199.212.0.53 dns/udp 49307 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10089" rc="100"       Traffic
2009-02-22 21:26:04 Allow 172.16.151.58 58.52.242.234 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10090" rc="100"       Traffic
2009-02-22 21:26:04 Allow 172.16.151.213 124.239.86.239 8000/tcp 4481 8000 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10039" tcpinfo="offset 7 S 1764260999 win 65535" rc="100"       Traffic
2009-02-22 21:26:05 Allow 81.161.192.4 205.238.249.55 http/tcp 168 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 11010048 win 65535" rc="100"       Traffic
2009-02-22 21:26:05 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:05 Allow 81.161.192.4 205.238.249.55 http/tcp 168 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 11010049 win 0" rc="100"       Traffic
2009-02-22 21:26:05 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:06 Deny 216.121.179.50 205.238.249.55 10376/udp 42454 10376 0-External Firebox denied 131 118 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:06 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:26:06 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:26:07 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:26:07 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:26:07 Allow 81.161.192.4 205.238.249.55 http/tcp 41084 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2692481024 win 65535" rc="100"       Traffic
2009-02-22 21:26:07 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:07 Deny 92.243.167.109 205.238.249.55 15590/udp 44781 15590 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:08 wgcgi_bin 23781----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:08 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:08 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:08 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542200040] msg_id="0F02-0007"       Debug
2009-02-22 21:26:08 wgcgi_bin CLI comand: show log-cache sequence 5301348725542200040 msg_id="0F02-0011"       Debug
2009-02-22 21:26:08 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.lbBMbE -o /tmp/cli_output.g8VESb msg_id="0F02-0015"       Debug
2009-02-22 21:26:08 Deny 83.4.113.106 205.238.249.55 10071/udp 14267 10071 0-External Firebox denied 129 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 199.212.0.53 dns/udp 51075 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10091" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.13 204.141.57.101 https/tcp 3142 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10030" tcpinfo="offset 6 S 188469248 win 5840" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 192.93.0.4 dns/udp 55840 53 1-Lancaster 0-External allowed, idle timeout=15 sec 66 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10034" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.13 204.141.57.101 https/tcp 3142 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10030" tcpinfo="offset 5 AR 188469317 win 0" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 212.33.225.211 dns/udp 57851 53 1-Lancaster 0-External allowed, idle timeout=15 sec 66 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10011" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 192.93.0.4 dns/udp 49209 53 1-Lancaster 0-External allowed, idle timeout=15 sec 58 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" rc="100"       Traffic
2009-02-22 21:26:09 Deny 58.186.3.253 205.238.249.55 14192/udp 12258 14192 0-External Firebox denied 126 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 91.144.128.1 dns/udp 50714 53 1-Lancaster 0-External allowed, idle timeout=15 sec 58 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10040" rc="100"       Traffic
2009-02-22 21:26:09 Allow 192.168.3.55 172.16.151.250 dns/udp 58759 53 2-Williamsport 1-Lancaster allowed, idle timeout=15 sec 60 128 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:09 Allow 192.168.3.1 192.168.3.55 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.55 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:09 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542200040 msg_id="0F02-0012"       Debug
2009-02-22 21:26:09 wgcgi_bin 23781----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:09 Allow 172.16.151.250 91.144.130.1 dns/udp 63924 53 1-Lancaster 0-External allowed, idle timeout=15 sec 66 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10015" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 91.144.128.1 dns/udp 51842 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10041" rc="100"       Traffic
2009-02-22 21:26:10 Allow 81.161.192.4 205.238.249.55 http/tcp 41084 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2692481025 win 0" rc="100"       Traffic
2009-02-22 21:26:10 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:26:10 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:26:10 Allow 172.16.151.250 193.0.0.193 dns/udp 56418 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10033" rc="100"       Traffic
2009-02-22 21:26:10 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:10 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:10 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d14a8db0 ff457cc1 r=bb68b9e3 22126b2c msg_id="0203-5059"       Debug
2009-02-22 21:26:10 Allow 172.16.151.250 193.0.0.193 dns/udp 54114 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10034" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.13 12.149.218.73 https/tcp 3143 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10042" tcpinfo="offset 6 S 193581056 win 5840" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.250 194.170.1.99 dns/udp 59770 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10043" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.13 12.149.218.73 https/tcp 3143 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10042" tcpinfo="offset 5 AR 193581125 win 5788" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.13 12.149.218.73 https/tcp 3143 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10042" tcpinfo="offset 5 R 193581125 win 0" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.250 195.229.237.52 dns/udp 59770 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10024" rc="100"       Traffic
2009-02-22 21:26:10 Allow 81.161.192.4 205.238.249.55 http/tcp 92 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 6029313 win 0" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.250 194.170.1.6 dns/udp 59770 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10025" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.250 194.170.1.7 dns/udp 59770 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" rc="100"       Traffic
2009-02-22 21:26:11 Allow 192.168.3.1 192.168.3.55 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.55 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:11 Allow 81.161.192.4 205.238.249.55 http/tcp 24691 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 1618149376 win 65535" rc="100"       Traffic
2009-02-22 21:26:11 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:11 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:11 Allow 81.161.192.4 205.238.249.55 http/tcp 24691 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 1618149377 win 0" rc="100"       Traffic
2009-02-22 21:26:11 iked Received a keepalive_request message from 207.255.24.68:500 msg_id="0203-5066"       Debug
2009-02-22 21:26:11 iked  Sending keepalive_ack message to 207.255.24.68:500 msg_id="0203-5060"       Debug
2009-02-22 21:26:12 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:12 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:12 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d14a8db0 ff457cc1 r=2d72dcab 9b10d519 msg_id="0203-5059"       Debug
2009-02-22 21:26:12 Allow 192.168.3.1 192.168.3.55 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.55 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:12 Allow 81.161.192.4 205.238.249.55 http/tcp 64 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 4194305 win 0" rc="100"       Traffic
2009-02-22 21:26:13 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:13 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:13 Allow 81.161.192.4 205.238.249.55 http/tcp 32 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2097152 win 65535" rc="100"       Traffic
2009-02-22 21:26:14 Deny 81.161.192.4 205.238.249.55 http/tcp 0 80 0-External unknown Packet with src/dst port 0, firewall drop 40 19 (internal policy)  tcpinfo="offset 5 S 0 win 65535" rc="101"       Traffic
2009-02-22 21:26:14 ma  mia alarm notification.        Debug
2009-02-22 21:26:14 Traffic 8008  Traffic detected,  proc_id="ma" msg_id="0401-1000" time="Sun Feb 22 21:26:14 2009 (EST)" hostname="FireboxX750e.kourt.com"       Alarm
2009-02-22 21:26:14 Allow 81.161.192.4 205.238.249.55 http/tcp 32 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2097153 win 0" rc="100"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 193.0.0.193 dns/udp 51402 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" rc="100"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 195.229.237.52 dns/udp 59293 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10026" rc="100"       Traffic
2009-02-22 21:26:14 Deny 70.82.239.211 205.238.249.55 10507/udp 38854 10507 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 194.170.1.99 dns/udp 59293 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10044" rc="100"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 194.170.1.6 dns/udp 59293 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10027" rc="100"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 194.170.1.7 dns/udp 59293 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:26:15 wgcgi_bin 23838----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:15 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:15 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:15 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542200070] msg_id="0F02-0007"       Debug
2009-02-22 21:26:15 wgcgi_bin CLI comand: show log-cache sequence 5301348725542200070 msg_id="0F02-0011"       Debug
2009-02-22 21:26:15 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.aAvDXD -o /tmp/cli_output.K3ey81 msg_id="0F02-0015"       Debug
2009-02-22 21:26:15 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:15 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:15 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d14a8db0 ff457cc1 r=58b33827 2449e53b msg_id="0203-5059"       Debug
2009-02-22 21:26:15 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:16 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542200070 msg_id="0F02-0012"       Debug
2009-02-22 21:26:16 wgcgi_bin 23838----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:16 Allow 192.168.3.55 172.16.151.250 dns/udp 60356 53 2-Williamsport 1-Lancaster allowed, idle timeout=15 sec 66 128 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:16 Allow 192.168.3.55 65.55.184.253 http/tcp 2227 80 2-Williamsport 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10022" tcpinfo="offset 7 S 3492196438 win 65535" rc="100"       Traffic
2009-02-22 21:26:16 Allow 192.168.3.55 65.55.184.253 http/tcp 2227 80 2-Williamsport 0-External RST received 40 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10022" tcpinfo="offset 5 AR 3492198060 win 0" rc="100"       Traffic
2009-02-22 21:26:16 Deny 202.101.165.202 205.238.249.62 1434/udp 1079 1434 0-External 0-External denied 404 109 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:16 Deny 91.156.142.79 205.238.249.55 15590/udp 47720 15590 0-External Firebox denied 131 115 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:17 Traffic 8008  Traffic detected,  proc_id="ma" msg_id="0401-1000" time="Sun Feb 22 21:26:17 2009 (EST)" hostname="FireboxX750e.kourt.com"       Alarm
2009-02-22 21:26:17 Deny 81.161.192.4 205.238.249.55 http/tcp 0 80 0-External unknown Packet with src/dst port 0, firewall drop 40 19 (internal policy)  tcpinfo="offset 5 S 0 win 65535" rc="101"       Traffic
2009-02-22 21:26:17 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:17 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:17 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:17 Allow 172.16.151.112 75.33.87.76 36855/tcp 1420 36855 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10012" tcpinfo="offset 7 S 3431738764 win 65535" rc="100"       Traffic
2009-02-22 21:26:17 Allow 75.33.87.76 205.238.249.55 10012/tcp 36855 10012 0-External 1-Lancaster RST received 63 243 (Outgoing-00)  dst_ip_nat="172.16.151.112" dst_port_nat="1420" tcpinfo="offset 5 AR 0 win 0" rc="100"       Traffic
2009-02-22 21:26:18 Allow 75.33.87.76 205.238.249.55 10012/tcp 36855 10012 0-External 1-Lancaster RST received 63 243 (Outgoing-00)  dst_ip_nat="172.16.151.112" dst_port_nat="1420" tcpinfo="offset 5 AR 0 win 0" rc="100"       Traffic
2009-02-22 21:26:18 Deny 24.11.91.28 205.238.249.55 14750/udp 12656 14750 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:18 Allow 81.161.192.4 205.238.249.55 http/tcp 8221 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 538771456 win 65535" rc="100"       Traffic
2009-02-22 21:26:18 Deny 78.51.6.148 205.238.249.55 10147/udp 12071 10147 0-External Firebox denied 131 113 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:18 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:18 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:18 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d14a8db0 ff457cc1 r=f839172d f1caf57b msg_id="0203-5059"       Debug
2009-02-22 21:26:18 Allow 81.161.192.4 205.238.249.55 http/tcp 8221 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 538771457 win 0" rc="100"       Traffic
2009-02-22 21:26:18 Allow 75.33.87.76 205.238.249.55 10012/tcp 36855 10012 0-External 1-Lancaster RST received 63 243 (Outgoing-00)  dst_ip_nat="172.16.151.112" dst_port_nat="1420" tcpinfo="offset 5 AR 0 win 0" rc="100"       Traffic
2009-02-22 21:26:19 Allow 172.16.151.14 12.149.218.73 https/tcp 2902 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10045" tcpinfo="offset 6 S 19107840 win 5840" rc="100"       Traffic
2009-02-22 21:26:19 Allow 172.16.151.14 12.149.218.73 https/tcp 2902 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10045" tcpinfo="offset 5 AR 19107909 win 5788" rc="100"       Traffic
2009-02-22 21:26:19 Allow 172.16.151.14 12.149.218.73 https/tcp 2902 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10045" tcpinfo="offset 5 R 19107909 win 0" rc="100"       Traffic
2009-02-22 21:26:20 Deny 61.216.170.110 205.238.249.55 10071/udp 19064 10071 0-External Firebox denied 129 236 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:21 wgcgi_bin 23894----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (179 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 1_1 [(id=S:status)(challenge=S:WAbcxCrzBao9kBdoGhc+qhrbOH4NhaD6/8rMC34jQ42Bw6x7gjYGkw==)(src_ip=S:172.16.151.58)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server status logged in from 172.16.151.58 msg_id="0100-0531"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       381         1   1                                                                     (sid=S:1696824075)(response=S:DvTceoUMefXY4nNSaH8J37t87iY6z7YWhe8dW+6vFgFACXGe9vBeA5u4up+dbXZk)(e_right=(account_admin=I:1)(sys_config=I:1)(pcy_backup=I:1)(log_backup=I:1)(pcy_config=I:1)(alarm_setup=I:1)(alarm_clear=I:1)(rt_monitor=I:1))(b_right=(account_admin=I:1)(sys_config=I:1)(pcy_backup=I:1)(log_backup=I:1)(pcy_config=I:1)(alarm_setup=I:1)(alarm_clear=I:2)(rt_monitor=I:1))^_. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23894----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23897----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_201 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       186         4   201                                                                   (name=S:FireboxX750e)(contact=S:David Reim)(location=S:Plum Street)(version=S:10.2)(package=S:Firebox X750e)(sn=S:9085506255E37)(feature=S:1)(patch=S:7)(no_interface=I:8)(no_policy=I:28). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23897----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:26:21 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:26:21 wgcgi_bin 23898----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_525 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A.""       Debug
2009-02-22 21:26:21 wgcgi_bin 23898----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23899----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (111 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_100 [(info-type=I:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4 new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4"       Debug
2009-02-22 21:26:21 wgcgi_bin 23899----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23924----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw SNMP command (570 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin 23924----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23925----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_831 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       61          4   831                                                                   (mode=I:0)(drop-in-mode=I:0)(ip=S:0.0.0.0)(netmask=S:0.0.0.0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23925----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23926----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (108 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_971 [(vlanId=I:0)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       19          4   971                                                                   (vlan-info-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23926----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23927----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_134 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009  new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009 "       Debug
2009-02-22 21:26:21 wgcgi_bin 23927----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23928----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 1_202 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       522         1   202                                                                   (total_in_byte=S:2791616822)(total_in_packet=S:6718134)(total_out_byte=S:3355523304)(total_out_packet=S:6433932)(ipsec_byte=S:320400)(ipsec_packet=S:2355)(no_stream=S:6038)(no_active_stream=S:169)(no_sa=S:1)(max_sa=S:8000)(pub_status=I:1)(pvt_status=I:1)(dmz_status=I:1)(dmz2_status=I:0)(sys_up_time=S:1039571)(sys_time=S:Sun Feb 22 21:26:21 2009 )(cpu_util_5=S:9.99)(no_blocked_ips=S:0)(max_blocked_ips=I:0)(total-denied-packets=S:93911)(total-auth-users=S:1)(log-server-ip=S:172.16.151.58)(log-server-status=S:Connected). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23928----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23930----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 2_505 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  switch: MSG_ID_PCY_GET_ALL_ACTIVE_USERS        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       8           2   505                                                                   (users=). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23930----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23931----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_961 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       215         4   961                                                                   (ike-policy-group-num=I:4)(ike-policy-group-list=(=(id=S:1)(name=S:Cisco_MAS)(num=S:1))(=(id=S:2)(name=S:Edge_Altoona)(num=S:1))(=(id=S:3)(name=S:Edge_Harrisburg)(num=S:0))(=(id=S:4)(name=S:Reliance_Bank)(num=S:0))). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23931----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23932----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:1)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: Tunnel_to_MAS, 1, 0        Debug
2009-02-22 21:26:21 cmm_server  num_active_local_remote_pairs=1        Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: 0, 0, 0, 0        Debug
2009-02-22 21:26:21 cmm_server  more = 0        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       563         4   962                                                                   (active-local-remote-pair-num=I:1)(active-local-remote-pair-list=(=(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(send-bytes=S:0)(send-packets=S:0)(recv-bytes=S:0)(recv-packets=S:0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(create-time=S:1235252942)(key=S:Auto \(IKE\))(security=S:ESP-3DES-SHA1)(total-tunnels=S:1)(total-active-tunnels=S:0)(tunnel-list=(tunnel-id=S:1)))). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23932----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23933----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (146 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_963 [(tunnel-list-num=I:1)(tunnel-list=(tunnel-id=S:1))] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1198        4   963                                                                   (total-tunnels=I:1)(total-active-tunnels=I:0)(tunnel-list=(=(status=I:0)(ike-policy-id=S:1)(ike-policy-name=S:Cisco_MAS)(ike-policy-gorup-id=S:1)(ike-policy-group-name=S:Cisco_MAS)(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:67.113.165.100)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235252942)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(tunnel-id=S:1)(life-size=S:0)(life-time=S:1727990)(accu-time=S:91)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:1081387220)(i-remain-time=S:1235252942)(i-sa-bytes=S:0)(i-sa-packets=S:0)(i-total-bytes=S:0)(i-total-packets=S:0)( new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1198        4   963                                                                   (total-tunnels=I:1)(total-active-tunnels=I:0)(tunnel-list=(=(status=I:0)(ike-policy-id=S:1)(ike-policy-name=S:Cisco_MAS)(ike-policy-gorup-id=S:1)(ike-policy-group-name=S:Cisco_MAS)(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:67.113.165.100)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235252942)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(tunnel-id=S:1)(life-size=S:0)(life-time=S:1727990)(accu-time=S:91)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:1081387220)(i-remain-time=S:1235252942)(i-sa-bytes=S:0)(i-sa-packets=S:0)(i-total-bytes=S:0)(i-total-packets=S:0)("       Debug
2009-02-22 21:26:21 wgcgi_bin 23933----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23934----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: Tunnel_to_Altoona, 3, 1        Debug
2009-02-22 21:26:21 cmm_server  num_active_local_remote_pairs=1        Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: 263288, 0, 57112, 0        Debug
2009-02-22 21:26:21 cmm_server  more = 0        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       613         4   962                                                                   (active-local-remote-pair-num=I:1)(active-local-remote-pair-list=(=(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(send-bytes=S:263288)(send-packets=S:1878)(recv-bytes=S:57112)(recv-packets=S:477)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(create-time=S:1235252943)(key=S:Auto \(IKE\))(security=S:ESP-3DES-SHA1)(total-tunnels=S:3)(total-active-tunnels=S:1)(tunnel-list=(tunnel-id=S:4)(tunnel-id=S:2)(tunnel-id=S:3)))). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23934----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23935----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (176 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_963 [(tunnel-list-num=I:3)(tunnel-list=(tunnel-id=S:4)(tunnel-id=S:2)(tunnel-id=S:3))] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       3579        4   963                                                                   (total-tunnels=I:3)(total-active-tunnels=I:1)(tunnel-list=(=(status=I:1)(ike-policy-id=S:3)(ike-policy-name=S:Edge_Altoona)(ike-policy-gorup-id=S:2)(ike-policy-group-name=S:Edge_Altoona)(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:207.255.24.68)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235342814)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(tunnel-id=S:4)(life-size=S:0)(life-time=S:86390)(accu-time=S:13167)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:2024577307)(i-remain-time=S:1235342814)(i-sa-bytes=S:7552)(i-sa-packets=S:63)(i-total-bytes=S:7552)(i- new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       3579        4   963                                                                   (total-tunnels=I:3)(total-active-tunnels=I:1)(tunnel-list=(=(status=I:1)(ike-policy-id=S:3)(ike-policy-name=S:Edge_Altoona)(ike-policy-gorup-id=S:2)(ike-policy-group-name=S:Edge_Altoona)(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:207.255.24.68)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235342814)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(tunnel-id=S:4)(life-size=S:0)(life-time=S:86390)(accu-time=S:13167)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:2024577307)(i-remain-time=S:1235342814)(i-sa-bytes=S:7552)(i-sa-packets=S:63)(i-total-bytes=S:7552)(i-"       Debug
2009-02-22 21:26:21 wgcgi_bin 23935----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23936----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:3)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: risburg, -805365692, 2        Debug
2009-02-22 21:26:21 cmm_server  num_active_local_remote_pairs=0        Debug
2009-02-22 21:26:21 cmm_server  more = 0        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       34          4   962                                                                   (active-local-remote-pair-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23936----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23937----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:4)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: _Bank, -805365692, 2        Debug
2009-02-22 21:26:21 cmm_server  num_active_local_remote_pairs=0        Debug
2009-02-22 21:26:21 cmm_server  more = 0        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       34          4   962                                                                   (active-local-remote-pair-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23937----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23938----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:21 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542200135] msg_id="0F02-0007"       Debug
2009-02-22 21:26:21 wgcgi_bin CLI comand: show log-cache sequence 5301348725542200135 msg_id="0F02-0011"       Debug
2009-02-22 21:26:21 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.AV3GJI -o /tmp/cli_output.bfMMoX msg_id="0F02-0015"       Debug
2009-02-22 21:26:21 wgcgi_bin 23964----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 2_582 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  switch: MSG_ID_PCY_GET_PPTP_TUNNEL        Debug
2009-02-22 21:26:22 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:26:22 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:26:22 wgcgi_bin cmm/cmd resp is RS0       9           2   582                                                                   (num=S:0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:22 wgcgi_bin 23964----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:22 wgcgi_bin 23981----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:22 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:22 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:22 wgcgi_bin CMM cmd 2_585 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:22 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:23 cmm_server  MSG_ID_PCY_GET_SSLVPN_TUNNEL_LIST        Debug
2009-02-22 21:26:23 sslvpn[9704]  MANAGEMENT: Client connected from 127.0.0.1:7505        Debug
2009-02-22 21:26:23 sslvpn[9704]  MANAGEMENT: Client disconnected        Debug
2009-02-22 21:26:23 wgcgi_bin cmm/cmd resp is RS0       191         2   585                                                                   (num=I:1)(tunnel-list=(=(user=S:drreim)(real-ip=S:173.67.138.199)(real-port=S:63289)(virtual-ip=S:192.168.100.2)(logon-time=S:Sun:Feb:22:21:25:36:2009)(send-bytes=S:4221)(recv-Bytes=S:3710))). msg_id="0F00-0051"       Debug
2009-02-22 21:26:23 wgcgi_bin 23981----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:23 wgcgi_bin 24014----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:23 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:23 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:23 wgcgi_bin CMM cmd 1_3 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:23 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:23 cmm_server status logged out msg_id="0100-0532"       Debug
2009-02-22 21:26:23 wgcgi_bin cmm/cmd resp is RS0       0           1   3                                                                     . msg_id="0F00-0051"       Debug
2009-02-22 21:26:23 wgcgi_bin 24014----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:23 Allow 81.161.192.4 205.238.249.55 http/tcp 32 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2097153 win 0" rc="100"       Traffic
2009-02-22 21:26:23 Allow 81.161.192.4 205.238.249.55 http/tcp 224 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 14680064 win 65535" rc="100"       Traffic
2009-02-22 21:26:23 Allow 81.161.192.4 205.238.249.55 http/tcp 224 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 14680065 win 0" rc="100"       Traffic
2009-02-22 21:26:24 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542200135 msg_id="0F02-0012"       Debug
2009-02-22 21:26:24 wgcgi_bin 23938----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:24 Allow 172.16.151.252 64.251.27.193 dns/udp 60937 53 1-Lancaster 0-External allowed, idle timeout=15 sec 80 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10013" rc="100"       Traffic
2009-02-22 21:26:25 Deny 213.238.127.61 205.238.249.55 10147/udp 18230 10147 0-External Firebox denied 129 107 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:25 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:26:25 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:26:25 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:25 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:25 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=4014c68e 133cf2cb r=1936fc98 f9acabaa msg_id="0203-5059"       Debug
2009-02-22 21:26:25 Allow 172.16.151.58 86.99.130.206 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10036" rc="100"       Traffic
2009-02-22 21:26:26 Deny 222.165.94.179 205.238.249.55 10019/udp 24175 10019 0-External Firebox denied 126 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:26 Allow 172.16.151.213 124.239.86.239 8000/tcp 4482 8000 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10046" tcpinfo="offset 7 S 1351501714 win 65535" rc="100"       Traffic
2009-02-22 21:26:27 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:27 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:27 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:27 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:27 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:27 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=4014c68e 133cf2cb r=ff26adc0 90462c57 msg_id="0203-5059"       Debug
2009-02-22 21:26:27 Deny 124.227.192.107 205.238.249.55 15791/udp 41410 15791 0-External Firebox denied 90 107 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:28 Allow 172.16.151.252 64.251.27.193 dns/udp 65100 53 1-Lancaster 0-External allowed, idle timeout=15 sec 80 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10014" rc="100"       Traffic
2009-02-22 21:26:28 Allow 192.168.3.1 192.168.3.50 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.50 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:29 Allow 81.161.192.4 205.238.249.55 http/tcp 32782 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2148401152 win 65535" rc="100"       Traffic
2009-02-22 21:26:29 Deny 81.161.192.4 205.238.249.55 http/tcp 0 80 0-External unknown Packet with src/dst port 0, firewall drop 40 19 (internal policy)  tcpinfo="offset 5 S 0 win 65535" rc="101"       Traffic
2009-02-22 21:26:29 Traffic 8008  Traffic detected,  proc_id="ma" msg_id="0401-1000" time="Sun Feb 22 21:26:29 2009 (EST)" hostname="FireboxX750e.kourt.com"       Alarm
2009-02-22 21:26:29 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:29 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:29 Allow 81.161.192.4 205.238.249.55 http/tcp 32782 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2148401153 win 0" rc="100"       Traffic
2009-02-22 21:26:29 Allow 192.168.3.1 192.168.3.50 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.50 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:29 wgcgi_bin 24021----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:29 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:29 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:29 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542200330] msg_id="0F02-0007"       Debug
2009-02-22 21:26:29 wgcgi_bin CLI comand: show log-cache sequence 5301348725542200330 msg_id="0F02-0011"       Debug
2009-02-22 21:26:29 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.2ZJ6SQ -o /tmp/cli_output.zg2atU msg_id="0F02-0015"       Debug
2009-02-22 21:26:29 Allow 172.16.151.250 199.212.0.53 dns/udp 51038 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10092" rc="100"       Traffic
2009-02-22 21:26:29 Allow 172.16.151.250 82.216.111.75 dns/udp 58869 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" rc="100"       Traffic
ASKER CERTIFIED SOLUTION
Avatar of it-kourt
it-kourt
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Good to know that the problem is resolved! :)
If running SSL VPN on a Vista client disable UAC

C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

or instruct user to run as administrator to start the SSL VPN