How to setup Watchguard Mobile VPN with SSL to connect to network resources?

I am trying to setup Mobile VPN with SSL for remote users.  I configured authentication using AD and Mobile VPN with SSL.  I can connect to the firebox but I do not have access to any network resources.
it-kourtAsked:
Who is Participating?
 
it-kourtConnect With a Mentor Author Commented:
I reinstalled the client and all is well now.  Thanks for your help.
0
 
dpk_walCommented:
You should have a policy in which you grant access to SSL-VPN-users; also, while you configured SSL VPN you would have either checked Force all traffic or specific allowed resources.

If you are using version 10.x of WSM then "Allow SSL VPN-Users" policy would be created by default.

Please check and update.

Thank you.
0
 
it-kourtAuthor Commented:
I am running WSM 10.2.7 and "Allow SSL VPN=Users" policy was created by default.  When I open the policy it shows:
from: SSL VPN-Users(Active Directory) to: Any
And under Mobile VPN, SSL "Force all client traffic through tunnel" is checked.

I also created a AD Group SSLVPN-Users group and added this object to all users that are allowed to access remotely.
0
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

 
dpk_walCommented:
Please edit the auto-generated policy and enable logging for all enabled/denied packets in Properties tab. When the remote user connects and send traffic I would like you to monitor traffic monitor and see what logs you see.
Another thing I would like to verify is what is the IP subnet of the client, is it same as the virtual IP sibnet; if yes then this would cause problem and we would need to change the IP subnet at one of the ends.

Please check and update.

Thank you.
0
 
it-kourtAuthor Commented:
IP subnet of SSL-VPN is 192.168.100.0/24
172.16.151.0/24 is main site
192.168.3.0/24 is branch office PTP T1 Private Network
192.168.2.0/24 is extranet
192.168.222.0/24 is a branch office WG edge
192.168.4.0/24 is a branch office WG edge
10.146.40.0/24 is extranet

2009-02-22 21:24:13 Allow 172.16.151.252 193.0.0.193 dns/udp 59410 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" rc="100"       Traffic
2009-02-22 21:24:13 Allow 172.16.151.252 217.169.119.68 dns/udp 59410 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:13 Allow 172.16.151.252 193.0.0.196 dns/udp 64553 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10027" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 200.33.146.204 dns/udp 62964 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10007" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 192.5.6.32 dns/udp 61207 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10010" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 65.68.49.6 dns/udp 52286 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 204.152.184.64 dns/udp 58701 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 194.204.0.1 dns/udp 50072 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10008" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.213 124.239.86.239 8000/tcp 4476 8000 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" tcpinfo="offset 7 S 2832597991 win 65535" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 192.36.125.2 dns/udp 49747 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 193.227.196.3 dns/udp 57714 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10028" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 192.5.6.32 dns/udp 64651 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10011" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 151.203.0.86 dns/udp 64726 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:24:14 Allow 172.16.151.252 193.0.0.196 dns/udp 60565 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10029" rc="100"       Traffic
2009-02-22 21:24:14 Deny 95.84.132.57 205.238.249.55 10089/udp 57838 10089 0-External Firebox denied 134 109 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:14 wgcgi_bin 21953----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:14 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:14 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:14 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542197690] msg_id="0F02-0007"       Debug
2009-02-22 21:24:14 wgcgi_bin CLI comand: show log-cache sequence 5301348725542197690 msg_id="0F02-0011"       Debug
2009-02-22 21:24:14 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.HL8exR -o /tmp/cli_output.OXxlt0 msg_id="0F02-0015"       Debug
2009-02-22 21:24:14 Allow 172.16.151.58 116.227.35.212 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:24:15 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:15 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:15 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=93cc109b 4300604b r=6202c8a6 e171e447 msg_id="0203-5059"       Debug
2009-02-22 21:24:16 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542197690 msg_id="0F02-0012"       Debug
2009-02-22 21:24:16 wgcgi_bin 21953----stop msg_id="0F00-0002"       Debug
2009-02-22 21:24:16 Allow 172.16.151.252 64.251.27.193 dns/udp 51696 53 1-Lancaster 0-External allowed, idle timeout=15 sec 80 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10004" rc="100"       Traffic
2009-02-22 21:24:16 Allow 172.16.151.252 8.10.120.245 dns/udp 49458 53 1-Lancaster 0-External allowed, idle timeout=15 sec 74 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:16 Allow 172.16.151.252 8.10.120.245 dns/udp 60106 53 1-Lancaster 0-External allowed, idle timeout=15 sec 74 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10010" rc="100"       Traffic
2009-02-22 21:24:17 Deny 80.221.31.213 205.238.249.55 13425/udp 35809 13425 0-External Firebox denied 131 109 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:17 Deny 89.137.118.214 205.238.249.55 10387/udp 20452 10387 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:18 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:18 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:18 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=93cc109b 4300604b r=88215750 3c576438 msg_id="0203-5059"       Debug
2009-02-22 21:24:18 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:18 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:18 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:19 Allow 172.16.151.252 202.12.29.59 dns/udp 63567 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" rc="100"       Traffic
2009-02-22 21:24:19 Deny 212.118.142.7 205.238.249.55 13425/udp 60623 13425 0-External Firebox denied 126 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:19 Allow 172.16.151.252 62.149.114.7 dns/udp 50755 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10008" rc="100"       Traffic
2009-02-22 21:24:19 Deny 76.226.147.177 205.238.249.55 10404/udp 53443 10404 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:19 Allow 172.16.151.252 212.118.133.101 dns/udp 50755 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10010" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 202.12.29.59 dns/udp 64263 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 192.42.93.30 dns/udp 61879 53 1-Lancaster 0-External allowed, idle timeout=15 sec 60 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 91.190.112.251 dns/udp 64723 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 202.12.29.59 dns/udp 55785 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10022" rc="100"       Traffic
2009-02-22 21:24:20 Allow 172.16.151.252 193.19.192.3 dns/udp 59170 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10005" rc="100"       Traffic
2009-02-22 21:24:20 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:20 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:20 Allow 172.16.151.58 86.55.202.72 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10012" rc="100"       Traffic
2009-02-22 21:24:21 Deny 117.47.31.92 205.238.249.55 13420/udp 10077 13420 0-External Firebox denied 126 106 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:21 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:24:21 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:24:21 Deny 221.202.85.184 205.238.249.55 10402/udp 15220 10402 0-External Firebox denied 90 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:21 wgcgi_bin 22009----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:21 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:21 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:21 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542197897] msg_id="0F02-0007"       Debug
2009-02-22 21:24:21 wgcgi_bin CLI comand: show log-cache sequence 5301348725542197897 msg_id="0F02-0011"       Debug
2009-02-22 21:24:21 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.NpWFYm -o /tmp/cli_output.VRNGNl msg_id="0F02-0015"       Debug
2009-02-22 21:24:22 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:24:22 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:24:22 Allow 172.16.151.13 204.141.57.100 https/tcp 3130 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" tcpinfo="offset 6 S 20762624 win 5840" rc="100"       Traffic
2009-02-22 21:24:22 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:22 Allow 172.16.151.13 204.141.57.100 https/tcp 3130 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" tcpinfo="offset 5 AR 20762693 win 0" rc="100"       Traffic
2009-02-22 21:24:23 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542197897 msg_id="0F02-0012"       Debug
2009-02-22 21:24:23 wgcgi_bin 22009----stop msg_id="0F00-0002"       Debug
2009-02-22 21:24:24 Deny 85.217.232.228 205.238.249.55 10507/udp 12712 10507 0-External Firebox denied 131 108 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:24 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:24 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:24 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:24 Allow 172.16.151.13 204.141.57.101 https/tcp 3131 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" tcpinfo="offset 6 S 30117888 win 5840" rc="100"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.13 204.141.57.101 https/tcp 3131 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" tcpinfo="offset 5 AR 30117957 win 5788" rc="100"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.13 204.141.57.101 https/tcp 3131 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10017" tcpinfo="offset 5 R 30117957 win 0" rc="100"       Traffic
2009-02-22 21:24:25 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:24:25 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:24:25 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:25 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:25 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d70bf8f9 12104fda r=11f77adc 317275d5 msg_id="0203-5059"       Debug
2009-02-22 21:24:25 Allow 172.16.151.252 204.152.184.64 dns/udp 64028 53 1-Lancaster 0-External allowed, idle timeout=15 sec 70 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.252 62.42.230.135 dns/udp 55327 53 1-Lancaster 0-External allowed, idle timeout=15 sec 70 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10031" rc="100"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.252 202.12.28.140 dns/udp 49848 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10067" rc="100"       Traffic
2009-02-22 21:24:25 Deny 99.243.240.120 205.238.249.55 10404/udp 49497 10404 0-External Firebox denied 131 115 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:25 Allow 172.16.151.252 193.0.0.193 dns/udp 54777 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10023" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 213.47.222.133 dns/udp 55313 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10006" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 199.191.128.106 dns/udp 56077 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10011" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 192.26.92.30 dns/udp 62869 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10008" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 205.178.190.39 dns/udp 49977 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10068" rc="100"       Traffic
2009-02-22 21:24:26 Allow 172.16.151.252 205.178.152.46 dns/udp 58650 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" rc="100"       Traffic
2009-02-22 21:24:27 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:27 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:27 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d70bf8f9 12104fda r=4f740f4b e5e4f3f8 msg_id="0203-5059"       Debug
2009-02-22 21:24:28 Allow 172.16.151.250 199.191.128.106 dns/udp 56273 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10012" rc="100"       Traffic
2009-02-22 21:24:28 Allow 172.16.151.250 192.43.172.30 dns/udp 56804 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" rc="100"       Traffic
2009-02-22 21:24:28 Allow 172.16.151.250 205.178.190.39 dns/udp 60155 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10069" rc="100"       Traffic
2009-02-22 21:24:28 Allow 172.16.151.250 205.178.152.46 dns/udp 60693 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10022" rc="100"       Traffic
2009-02-22 21:24:28 wgcgi_bin 22066----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:28 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:28 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:28 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542197938] msg_id="0F02-0007"       Debug
2009-02-22 21:24:28 wgcgi_bin CLI comand: show log-cache sequence 5301348725542197938 msg_id="0F02-0011"       Debug
2009-02-22 21:24:28 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.W4bTer -o /tmp/cli_output.UtpKng msg_id="0F02-0015"       Debug
2009-02-22 21:24:28 Deny 71.82.107.17 205.238.249.55 22332/udp 59420 22332 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:29 Deny 116.14.223.18 205.238.249.55 13657/udp 53537 13657 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:30 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542197938 msg_id="0F02-0012"       Debug
2009-02-22 21:24:30 wgcgi_bin 22066----stop msg_id="0F00-0002"       Debug
2009-02-22 21:24:30 Allow 172.16.151.252 205.178.190.39 dns/udp 53325 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10070" rc="100"       Traffic
2009-02-22 21:24:30 Allow 172.16.151.252 205.178.144.39 dns/udp 58023 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10009" rc="100"       Traffic
2009-02-22 21:24:30 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:30 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:30 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d70bf8f9 12104fda r=629394bd e4beeea8 msg_id="0203-5059"       Debug
2009-02-22 21:24:31 Allow 172.16.151.250 205.178.144.39 dns/udp 59165 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10010" rc="100"       Traffic
2009-02-22 21:24:32 Allow 172.16.151.250 205.178.144.39 dns/udp 55237 53 1-Lancaster 0-External allowed, idle timeout=15 sec 71 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10011" rc="100"       Traffic
2009-02-22 21:24:32 Deny 116.14.223.18 205.238.249.55 10206/udp 53537 10206 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:33 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:33 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:33 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d70bf8f9 12104fda r=5e95239a 23b7fe37 msg_id="0203-5059"       Debug
2009-02-22 21:24:33 Allow 172.16.151.14 12.149.218.73 https/tcp 2895 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" tcpinfo="offset 6 S 124043264 win 5840" rc="100"       Traffic
2009-02-22 21:24:34 Allow 172.16.151.14 12.149.218.73 https/tcp 2895 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" tcpinfo="offset 5 AR 124043333 win 5788" rc="100"       Traffic
2009-02-22 21:24:34 Allow 172.16.151.14 12.149.218.73 https/tcp 2895 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" tcpinfo="offset 5 R 124043333 win 0" rc="100"       Traffic
2009-02-22 21:24:34 wan 657955785 1770675826 unix_time="1235355874.87327"       Stats
2009-02-22 21:24:34 tunnel 57112 263288 unix_time="1235355874.87327"       Stats
2009-02-22 21:24:34 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:34 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:34 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:34 Allow 172.16.151.112 220.255.168.174 24484/tcp 1413 24484 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10033" tcpinfo="offset 7 S 2306318158 win 65535" rc="100"       Traffic
2009-02-22 21:24:35 Deny 116.14.223.18 205.238.249.55 10143/udp 53537 10143 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:35 wgcgi_bin 22122----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:35 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:35 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:35 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542197979] msg_id="0F02-0007"       Debug
2009-02-22 21:24:35 wgcgi_bin CLI comand: show log-cache sequence 5301348725542197979 msg_id="0F02-0011"       Debug
2009-02-22 21:24:35 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.FHbJtm -o /tmp/cli_output.Sczy91 msg_id="0F02-0015"       Debug
2009-02-22 21:24:35 Deny 24.226.153.176 205.238.249.55 10143/udp 12559 10143 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:36 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:24:36 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:24:36 Allow 172.16.151.252 61.177.95.106 dns/udp 55557 53 1-Lancaster 0-External allowed, idle timeout=15 sec 66 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10023" rc="100"       Traffic
2009-02-22 21:24:36 Allow 172.16.151.213 124.239.86.239 8000/tcp 4477 8000 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" tcpinfo="offset 7 S 1405661417 win 65535" rc="100"       Traffic
2009-02-22 21:24:36 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542197979 msg_id="0F02-0012"       Debug
2009-02-22 21:24:36 wgcgi_bin 22122----stop msg_id="0F00-0002"       Debug
2009-02-22 21:24:36 Deny 72.77.13.12 205.238.249.55 14750/udp 52267 14750 0-External Firebox denied 131 107 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:36 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:36 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:37 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:24:37 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:24:37 Deny 62.68.96.34 205.238.249.55 10376/udp 12668 10376 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:37 Deny 123.218.155.59 205.238.249.55 14192/udp 13990 14192 0-External Firebox denied 129 108 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:38 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:39 Deny 82.60.18.4 205.238.249.55 10147/udp 62117 10147 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:39 Deny 74.7.129.38 205.238.249.55 13425/udp 43224 13425 0-External Firebox denied 131 108 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:24:40 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:24:40 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:24:40 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:40 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:40 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=4d1b5e17 efd51305 r=933d56ff 4869ccc1 msg_id="0203-5059"       Debug
2009-02-22 21:24:40 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:40 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:40 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:24:41 iked Received a keepalive_request message from 207.255.24.68:500 msg_id="0203-5066"       Debug
2009-02-22 21:24:41 iked  Sending keepalive_ack message to 207.255.24.68:500 msg_id="0203-5060"       Debug
2009-02-22 21:24:41 Allow 172.16.151.58 12.196.165.254 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10013" rc="100"       Traffic
2009-02-22 21:24:42 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:24:42 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:24:42 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=4d1b5e17 efd51305 r=ed7ae610 6f5ec9bc msg_id="0203-5059"       Debug
2009-02-22 21:24:42 wgcgi_bin 22179----start msg_id="0F00-0001"       Debug
2009-02-22 21:24:42 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:24:42 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:24:42 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542198010] msg_id="0F02-0007"       Debug
2009-02-22 21:24:42 wgcgi_bin CLI comand: show log-cache sequence 5301348725542198010 msg_id="0F02-0011"       Debug
2009-02-22 21:24:42 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.1nb2ky -o /tmp/cli_output.XExce4 msg_id="0F02-0015"       Debug
2009-02-22 21:25:45 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:45 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:45 wgcgi_bin 23314----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:45 wgcgi_bin CMM cmd 1_203 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd resp is RS0       834         1   203                                                                   (num-if=I:8)(if-counter-list=(=(if-index=I:0)(denied-packets=S:93781)(counters=(=S:0)(=S:1948857)(=S:27833)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:1)(denied-packets=S:40)(counters=(=S:2335016)(=S:0)(=S:104091)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:2)(denied-packets=S:66)(counters=(=S:26835)(=S:109694)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:3)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:4)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:5)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:6)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:7)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:45 wgcgi_bin 23314----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:45 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:25:45 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:25:45 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=f7e49e5b 80707ee6 r=f62d2ac7 d61c8ebb msg_id="0203-5059"       Debug
2009-02-22 21:25:45 wgcgi_bin 23316----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:45 wgcgi_bin CMM cmd 4_831 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd resp is RS0       61          4   831                                                                   (mode=I:0)(drop-in-mode=I:0)(ip=S:0.0.0.0)(netmask=S:0.0.0.0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:45 wgcgi_bin 23316----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:45 wgcgi_bin 23317----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw CMM command (111 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:45 wgcgi_bin CMM cmd 4_100 [(info-type=I:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:45   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4 new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4"       Debug
2009-02-22 21:25:45 wgcgi_bin 23317----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:45 wgcgi_bin 23342----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw SNMP command (192 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin 23342----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:45 wgcgi_bin 23343----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:45 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:45 wgcgi_bin Handling raw SNMP command (226 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:45 wgcgi_bin 23343----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:46 wgcgi_bin 23344----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:46 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:46 wgcgi_bin Handling raw SNMP command (216 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:46 wgcgi_bin 23344----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:46 wgcgi_bin 23345----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:46 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:46 wgcgi_bin Handling raw CMM command (108 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:46 wgcgi_bin CMM cmd 4_971 [(vlanId=I:0)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:46 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:46 wgcgi_bin cmm/cmd resp is RS0       19          4   971                                                                   (vlan-info-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:46 wgcgi_bin 23345----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:46 wgcgi_bin 23346----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:46 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:46 wgcgi_bin Handling raw SNMP command (75 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:46 wgcgi_bin 23346----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:46 wgcgi_bin 23348----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:46 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:46 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:46 wgcgi_bin CMM cmd 4_525 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:46 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:46   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A.""       Debug
2009-02-22 21:25:46 wgcgi_bin 23348----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 wgcgi_bin 23349----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 4_134 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009  new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009 "       Debug
2009-02-22 21:25:47 wgcgi_bin 23349----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 wgcgi_bin 23350----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 4_961 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd resp is RS0       215         4   961                                                                   (ike-policy-group-num=I:4)(ike-policy-group-list=(=(id=S:1)(name=S:Cisco_MAS)(num=S:1))(=(id=S:2)(name=S:Edge_Altoona)(num=S:1))(=(id=S:3)(name=S:Edge_Harrisburg)(num=S:0))(=(id=S:4)(name=S:Reliance_Bank)(num=S:0))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 wgcgi_bin 23350----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 wgcgi_bin 23351----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 2_505 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 cmm_server  switch: MSG_ID_PCY_GET_ALL_ACTIVE_USERS        Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd resp is RS0       8           2   505                                                                   (users=). msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 wgcgi_bin 23351----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 wgcgi_bin 23352----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 2_585 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 cmm_server  MSG_ID_PCY_GET_SSLVPN_TUNNEL_LIST        Debug
2009-02-22 21:25:47 sslvpn[9704]  MANAGEMENT: Client connected from 127.0.0.1:7505        Debug
2009-02-22 21:25:47 sslvpn[9704]  MANAGEMENT: Client disconnected        Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd resp is RS0       191         2   585                                                                   (num=I:1)(tunnel-list=(=(user=S:drreim)(real-ip=S:173.67.138.199)(real-port=S:63289)(virtual-ip=S:192.168.100.2)(logon-time=S:Sun:Feb:22:21:25:36:2009)(send-bytes=S:4017)(recv-Bytes=S:3514))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 wgcgi_bin 23352----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:47 Allow 172.16.151.13 12.149.218.73 https/tcp 3140 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10038" tcpinfo="offset 6 S 101101568 win 5840" rc="100"       Traffic
2009-02-22 21:25:47 wgcgi_bin 23361----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 2_582 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:47 cmm_server  switch: MSG_ID_PCY_GET_PPTP_TUNNEL        Debug
2009-02-22 21:25:47 Allow 172.16.151.13 12.149.218.73 https/tcp 3140 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10038" tcpinfo="offset 5 AR 101101637 win 0" rc="100"       Traffic
2009-02-22 21:25:47 wgcgi_bin 23375----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:47 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:47 wgcgi_bin Handling raw CMM command (179 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:47 wgcgi_bin CMM cmd 1_1 [(id=S:status)(challenge=S:2afTDcN3WHwH00yXnw9uYNCUUCWozuDoa+J2Sy92W7mL2r4356+7Hg==)(src_ip=S:172.16.151.58)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:47 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 Allow 81.161.192.4 205.238.249.55 http/tcp 32840 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2152202240 win 65535" rc="100"       Traffic
2009-02-22 21:25:48 Allow 81.161.192.4 205.238.249.55 http/tcp 32840 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2152202241 win 0" rc="100"       Traffic
2009-02-22 21:25:48 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:25:48 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:25:48 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=f7e49e5b 80707ee6 r=8925cb6f dafca398 msg_id="0203-5059"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd resp is RS0       9           2   582                                                                   (num=S:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 wgcgi_bin 23361----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:48 cmm_server status logged in from 172.16.151.58 msg_id="0100-0531"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd resp is RS0       381         1   1                                                                     (sid=S:1711103916)(response=S:5rGcpN4xplTvEif0khh4kkD2kyl5AV+rgm0GWBdZ4PsCR7nV/5eNayZ6Ndk0Elx2)(e_right=(account_admin=I:1)(sys_config=I:1)(pcy_backup=I:1)(log_backup=I:1)(pcy_config=I:1)(alarm_setup=I:1)(alarm_clear=I:1)(rt_monitor=I:1))(b_right=(account_admin=I:1)(sys_config=I:1)(pcy_backup=I:1)(log_backup=I:1)(pcy_config=I:1)(alarm_setup=I:1)(alarm_clear=I:2)(rt_monitor=I:1))^_. msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 wgcgi_bin 23375----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:48 wgcgi_bin 23379----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:48 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:48 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:48 wgcgi_bin CMM cmd 4_201 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd resp is RS0       186         4   201                                                                   (name=S:FireboxX750e)(contact=S:David Reim)(location=S:Plum Street)(version=S:10.2)(package=S:Firebox X750e)(sn=S:9085506255E37)(feature=S:1)(patch=S:7)(no_interface=I:8)(no_policy=I:28). msg_id="0F00-0051"       Debug
2009-02-22 21:25:48 wgcgi_bin 23379----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:48 Allow 172.16.151.252 192.5.6.32 dns/udp 54229 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" rc="100"       Traffic
2009-02-22 21:25:48 wgcgi_bin 23380----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:48 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:48 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:48 wgcgi_bin CMM cmd 4_525 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:48   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A.""       Debug
2009-02-22 21:25:48 wgcgi_bin 23380----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:48 Allow 172.16.151.252 192.42.93.30 dns/udp 55014 53 1-Lancaster 0-External allowed, idle timeout=15 sec 65 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10032" rc="100"       Traffic
2009-02-22 21:25:48 wgcgi_bin 23381----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:48 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:48 wgcgi_bin Handling raw CMM command (111 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:48 wgcgi_bin CMM cmd 4_100 [(info-type=I:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:48 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4 new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4"       Debug
2009-02-22 21:25:49 wgcgi_bin 23381----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 Allow 172.16.151.252 134.241.1.3 dns/udp 49730 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10046" rc="100"       Traffic
2009-02-22 21:25:49 wgcgi_bin 23406----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw SNMP command (570 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin 23406----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23407----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CLI command (107 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:25:49 wgcgi_bin CLI cmd 4_331 [cfm counter] msg_id="0F02-0007"       Debug
2009-02-22 21:25:49 wgcgi_bin CLI comand: cfm counter msg_id="0F02-0011"       Debug
2009-02-22 21:25:49 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.HNamFi -o /tmp/cli_output.KbxJQh msg_id="0F02-0015"       Debug
2009-02-22 21:25:49 wgcgi_bin 23409----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_831 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       61          4   831                                                                   (mode=I:0)(drop-in-mode=I:0)(ip=S:0.0.0.0)(netmask=S:0.0.0.0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23409----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 Allow 192.168.3.51 192.168.3.1 netbios-ns/udp 137 137 2-Williamsport Firebox allowed, idle timeout=15 sec 78 128 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:49 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:49 wgcgi_bin 23439----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (108 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_971 [(vlanId=I:0)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       19          4   971                                                                   (vlan-info-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23439----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23461----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_134 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009  new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009 "       Debug
2009-02-22 21:25:49 wgcgi_bin 23461----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 Allow 172.16.151.13 204.141.57.100 https/tcp 3141 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" tcpinfo="offset 6 S 107208704 win 5840" rc="100"       Traffic
2009-02-22 21:25:49 wgcgi_bin 23462----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 1_202 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       522         1   202                                                                   (total_in_byte=S:2790863827)(total_in_packet=S:6715997)(total_out_byte=S:3354440646)(total_out_packet=S:6431802)(ipsec_byte=S:320400)(ipsec_packet=S:2355)(no_stream=S:6001)(no_active_stream=S:239)(no_sa=S:1)(max_sa=S:8000)(pub_status=I:1)(pvt_status=I:1)(dmz_status=I:1)(dmz2_status=I:0)(sys_up_time=S:1039539)(sys_time=S:Sun Feb 22 21:25:49 2009 )(cpu_util_5=S:9.99)(no_blocked_ips=S:0)(max_blocked_ips=I:0)(total-denied-packets=S:93887)(total-auth-users=S:1)(log-server-ip=S:172.16.151.58)(log-server-status=S:Connected). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23462----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 Allow 172.16.151.13 204.141.57.100 https/tcp 3141 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" tcpinfo="offset 5 AR 107208773 win 5788" rc="100"       Traffic
2009-02-22 21:25:49 Allow 172.16.151.13 204.141.57.100 https/tcp 3141 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" tcpinfo="offset 5 R 107208773 win 0" rc="100"       Traffic
2009-02-22 21:25:49 proxy[12600] received UDS event to='rd/dev/cfm0' msg_id="0F02-0150"       Debug
2009-02-22 21:25:49 proxy[12600] received UDS command='counter' id=[17767] from='dev/client.23432' msg_id="0F02-0153"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23432' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti new_msg=" pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23432' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti"       Debug
2009-02-22 21:25:49 wgcgi_bin 23465----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 2_505 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  switch: MSG_ID_PCY_GET_ALL_ACTIVE_USERS        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       8           2   505                                                                   (users=). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23465----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23466----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_961 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       215         4   961                                                                   (ike-policy-group-num=I:4)(ike-policy-group-list=(=(id=S:1)(name=S:Cisco_MAS)(num=S:1))(=(id=S:2)(name=S:Edge_Altoona)(num=S:1))(=(id=S:3)(name=S:Edge_Harrisburg)(num=S:0))(=(id=S:4)(name=S:Reliance_Bank)(num=S:0))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23466----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23467----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:1)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: Tunnel_to_MAS, 1, 0        Debug
2009-02-22 21:25:49 cmm_server  num_active_local_remote_pairs=1        Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: 0, 0, 0, 0        Debug
2009-02-22 21:25:49 cmm_server  more = 0        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       563         4   962                                                                   (active-local-remote-pair-num=I:1)(active-local-remote-pair-list=(=(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(send-bytes=S:0)(send-packets=S:0)(recv-bytes=S:0)(recv-packets=S:0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(create-time=S:1235252942)(key=S:Auto \(IKE\))(security=S:ESP-3DES-SHA1)(total-tunnels=S:1)(total-active-tunnels=S:0)(tunnel-list=(tunnel-id=S:1)))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23467----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23468----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (146 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_963 [(tunnel-list-num=I:1)(tunnel-list=(tunnel-id=S:1))] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1198        4   963                                                                   (total-tunnels=I:1)(total-active-tunnels=I:0)(tunnel-list=(=(status=I:0)(ike-policy-id=S:1)(ike-policy-name=S:Cisco_MAS)(ike-policy-gorup-id=S:1)(ike-policy-group-name=S:Cisco_MAS)(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:67.113.165.100)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235252942)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(tunnel-id=S:1)(life-size=S:0)(life-time=S:1727990)(accu-time=S:91)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:1081387220)(i-remain-time=S:1235252942)(i-sa-bytes=S:0)(i-sa-packets=S:0)(i-total-bytes=S:0)(i-total-packets=S:0)( new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1198        4   963                                                                   (total-tunnels=I:1)(total-active-tunnels=I:0)(tunnel-list=(=(status=I:0)(ike-policy-id=S:1)(ike-policy-name=S:Cisco_MAS)(ike-policy-gorup-id=S:1)(ike-policy-group-name=S:Cisco_MAS)(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:67.113.165.100)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235252942)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(tunnel-id=S:1)(life-size=S:0)(life-time=S:1727990)(accu-time=S:91)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:1081387220)(i-remain-time=S:1235252942)(i-sa-bytes=S:0)(i-sa-packets=S:0)(i-total-bytes=S:0)(i-total-packets=S:0)("       Debug
2009-02-22 21:25:49 wgcgi_bin 23468----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23469----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: Tunnel_to_Altoona, 3, 1        Debug
2009-02-22 21:25:49 cmm_server  num_active_local_remote_pairs=1        Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: 263288, 0, 57112, 0        Debug
2009-02-22 21:25:49 cmm_server  more = 0        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       613         4   962                                                                   (active-local-remote-pair-num=I:1)(active-local-remote-pair-list=(=(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(send-bytes=S:263288)(send-packets=S:1878)(recv-bytes=S:57112)(recv-packets=S:477)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(create-time=S:1235252943)(key=S:Auto \(IKE\))(security=S:ESP-3DES-SHA1)(total-tunnels=S:3)(total-active-tunnels=S:1)(tunnel-list=(tunnel-id=S:4)(tunnel-id=S:2)(tunnel-id=S:3)))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23469----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23470----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (176 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_963 [(tunnel-list-num=I:3)(tunnel-list=(tunnel-id=S:4)(tunnel-id=S:2)(tunnel-id=S:3))] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       3579        4   963                                                                   (total-tunnels=I:3)(total-active-tunnels=I:1)(tunnel-list=(=(status=I:1)(ike-policy-id=S:3)(ike-policy-name=S:Edge_Altoona)(ike-policy-gorup-id=S:2)(ike-policy-group-name=S:Edge_Altoona)(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:207.255.24.68)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235342814)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(tunnel-id=S:4)(life-size=S:0)(life-time=S:86390)(accu-time=S:13135)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:2024577307)(i-remain-time=S:1235342814)(i-sa-bytes=S:7552)(i-sa-packets=S:63)(i-total-bytes=S:7552)(i- new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       3579        4   963                                                                   (total-tunnels=I:3)(total-active-tunnels=I:1)(tunnel-list=(=(status=I:1)(ike-policy-id=S:3)(ike-policy-name=S:Edge_Altoona)(ike-policy-gorup-id=S:2)(ike-policy-group-name=S:Edge_Altoona)(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:207.255.24.68)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235342814)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(tunnel-id=S:4)(life-size=S:0)(life-time=S:86390)(accu-time=S:13135)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:2024577307)(i-remain-time=S:1235342814)(i-sa-bytes=S:7552)(i-sa-packets=S:63)(i-total-bytes=S:7552)(i-"       Debug
2009-02-22 21:25:49 wgcgi_bin 23470----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23471----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:3)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: risburg, -805365692, 2        Debug
2009-02-22 21:25:49 cmm_server  num_active_local_remote_pairs=0        Debug
2009-02-22 21:25:49 cmm_server  more = 0        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       34          4   962                                                                   (active-local-remote-pair-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23471----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23472----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:4)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  check local remote pairs: _Bank, -805365692, 2        Debug
2009-02-22 21:25:49 cmm_server  num_active_local_remote_pairs=0        Debug
2009-02-22 21:25:49 cmm_server  more = 0        Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd resp is RS0       34          4   962                                                                   (active-local-remote-pair-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 wgcgi_bin 23472----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:49 wgcgi_bin 23473----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:49 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:49 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:49 wgcgi_bin CMM cmd 2_582 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:49 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:49 cmm_server  switch: MSG_ID_PCY_GET_PPTP_TUNNEL        Debug
2009-02-22 21:25:49 Allow 81.161.192.4 205.238.249.55 http/tcp 64 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 4194304 win 65535" rc="100"       Traffic
2009-02-22 21:25:50 wgcgi_bin Found prompt and submitted command: cfm counter msg_id="0F02-0012"       Debug
2009-02-22 21:25:50 wgcgi_bin 23407----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:50 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:50 wgcgi_bin cmm/cmd resp is RS0       9           2   582                                                                   (num=S:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 wgcgi_bin 23473----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:50 Deny 70.49.87.147 205.238.249.55 10263/udp 35706 10263 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:50 wgcgi_bin 23489----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:50 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:50 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:50 wgcgi_bin CMM cmd 2_585 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:50 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 cmm_server  MSG_ID_PCY_GET_SSLVPN_TUNNEL_LIST        Debug
2009-02-22 21:25:50 sslvpn[9704]  MANAGEMENT: Client connected from 127.0.0.1:7505        Debug
2009-02-22 21:25:50 sslvpn[9704]  MANAGEMENT: Client disconnected        Debug
2009-02-22 21:25:50 wgcgi_bin cmm/cmd resp is RS0       191         2   585                                                                   (num=I:1)(tunnel-list=(=(user=S:drreim)(real-ip=S:173.67.138.199)(real-port=S:63289)(virtual-ip=S:192.168.100.2)(logon-time=S:Sun:Feb:22:21:25:36:2009)(send-bytes=S:4017)(recv-Bytes=S:3514))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 wgcgi_bin 23489----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:50 wgcgi_bin 23498----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:50 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:50 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:50 wgcgi_bin CMM cmd 1_3 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:50 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 cmm_server status logged out msg_id="0100-0532"       Debug
2009-02-22 21:25:50 wgcgi_bin cmm/cmd resp is RS0       0           1   3                                                                     . msg_id="0F00-0051"       Debug
2009-02-22 21:25:50 wgcgi_bin 23498----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:50 Deny 78.178.30.92 205.238.249.55 10376/udp 33652 10376 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:51 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:25:51 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:25:52 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:25:52 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:25:52 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:52 wgcgi_bin 23501----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:52 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:52 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:52 wgcgi_bin CMM cmd 1_603 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:52 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:52   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       330         1   603                                                                   (haRemoteStatus=S:1074305372)(hasEnabled=S:0)(isHaMaster=S:0)(model=S:Firebox X750e)(version=S:10.2)(patch=S:7)(location=S:Plum Street)(contact=S:David Reim)(serialNumber=S:9085506255E37)(policyVersion=S:1235355737)(pubPortStatus=S:1)(privPortStatus=S:1)(dmzPortStatus=S:1)(dmz2PortStatus=S:0)(usingCpmProfile=I:0)(nextSeqNum=I:1)g_ý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       330         1   603                                                                   (haRemoteStatus=S:1074305372)(hasEnabled=S:0)(isHaMaster=S:0)(model=S:Firebox X750e)(version=S:10.2)(patch=S:7)(location=S:Plum Street)(contact=S:David Reim)(serialNumber=S:9085506255E37)(policyVersion=S:1235355737)(pubPortStatus=S:1)(privPortStatus=S:1)(dmzPortStatus=S:1)(dmz2PortStatus=S:0)(usingCpmProfile=I:0)(nextSeqNum=I:1)g_ý^A.""       Debug
2009-02-22 21:25:52 wgcgi_bin 23501----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:52 Deny 85.229.243.10 205.238.249.55 10376/udp 48872 10376 0-External Firebox denied 131 104 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:52 wgcgi_bin 23504----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:52 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:52 wgcgi_bin Handling raw SNMP command (70 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:52 wgcgi_bin 23504----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:52 Deny 125.160.96.162 205.238.249.55 10203/udp 16948 10203 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:52 wgcgi_bin 23505----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:52 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:52 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:52 wgcgi_bin CMM cmd 4_211 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:52 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:52 wgcgi_bin cmm/cmd resp is RS0       138         4   211                                                                   (location=S:Plum Street)(systemContact=S:David Reim)(year=I:2009)(month=I:2)(day=I:22)(hour=I:21)(minute=I:25)(second=I:52)(timeZone=I:11). msg_id="0F00-0051"       Debug
2009-02-22 21:25:52 wgcgi_bin 23505----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:52 Deny 82.234.157.112 205.238.249.55 14750/udp 50828 14750 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:52 Allow 192.168.3.52 192.168.3.1 netbios-ns/udp 137 137 2-Williamsport Firebox allowed, idle timeout=15 sec 96 128 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:52 Allow 192.168.3.1 192.168.3.52 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.52 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:52 Deny 79.165.237.162 205.238.249.55 22332/udp 33351 22332 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:52 Allow 81.161.192.4 205.238.249.55 http/tcp 64 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 4194305 win 0" rc="100"       Traffic
2009-02-22 21:25:52 Allow 172.16.151.252 192.42.93.30 dns/udp 54482 53 1-Lancaster 0-External allowed, idle timeout=15 sec 68 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10033" rc="100"       Traffic
2009-02-22 21:25:53 Allow 172.16.151.252 192.207.56.1 dns/udp 52699 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10088" rc="100"       Traffic
2009-02-22 21:25:53 Allow 81.161.192.4 205.238.249.55 http/tcp 6 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 393216 win 65535" rc="100"       Traffic
2009-02-22 21:25:53 Allow 81.161.192.4 205.238.249.55 http/tcp 6 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 393217 win 0" rc="100"       Traffic
2009-02-22 21:25:54 Allow 192.168.3.1 192.168.3.52 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.52 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:54 Deny 190.71.155.50 205.238.249.55 13420/udp 14687 13420 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:55 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:25:55 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:25:55 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:55 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:55 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:55 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:25:55 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:25:55 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=b617bd99 a5ab2c8e r=cadd47df cd91e8fd msg_id="0203-5059"       Debug
2009-02-22 21:25:55 wgcgi_bin 23508----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:55 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:55 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:55 wgcgi_bin CMM cmd 4_201 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd resp is RS0       186         4   201                                                                   (name=S:FireboxX750e)(contact=S:David Reim)(location=S:Plum Street)(version=S:10.2)(package=S:Firebox X750e)(sn=S:9085506255E37)(feature=S:1)(patch=S:7)(no_interface=I:8)(no_policy=I:28). msg_id="0F00-0051"       Debug
2009-02-22 21:25:55 wgcgi_bin 23508----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:55 Allow 192.168.3.1 192.168.3.52 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.52 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:25:55 wgcgi_bin 23509----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:55 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:55 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:55 wgcgi_bin CMM cmd 1_603 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:55   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       330         1   603                                                                   (haRemoteStatus=S:1074305372)(hasEnabled=S:0)(isHaMaster=S:0)(model=S:Firebox X750e)(version=S:10.2)(patch=S:7)(location=S:Plum Street)(contact=S:David Reim)(serialNumber=S:9085506255E37)(policyVersion=S:1235355737)(pubPortStatus=S:1)(privPortStatus=S:1)(dmzPortStatus=S:1)(dmz2PortStatus=S:0)(usingCpmProfile=I:0)(nextSeqNum=I:1)g_ý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       330         1   603                                                                   (haRemoteStatus=S:1074305372)(hasEnabled=S:0)(isHaMaster=S:0)(model=S:Firebox X750e)(version=S:10.2)(patch=S:7)(location=S:Plum Street)(contact=S:David Reim)(serialNumber=S:9085506255E37)(policyVersion=S:1235355737)(pubPortStatus=S:1)(privPortStatus=S:1)(dmzPortStatus=S:1)(dmz2PortStatus=S:0)(usingCpmProfile=I:0)(nextSeqNum=I:1)g_ý^A.""       Debug
2009-02-22 21:25:55 wgcgi_bin 23509----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:55 Allow 81.161.192.4 205.238.249.55 http/tcp 238 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 15597568 win 65535" rc="100"       Traffic
2009-02-22 21:25:55 wgcgi_bin 23512----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:55 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:55 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:55 wgcgi_bin CMM cmd 1_202 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:55 wgcgi_bin cmm/cmd resp is RS0       522         1   202                                                                   (total_in_byte=S:2790911019)(total_in_packet=S:6716327)(total_out_byte=S:3354550952)(total_out_packet=S:6432131)(ipsec_byte=S:320400)(ipsec_packet=S:2355)(no_stream=S:6007)(no_active_stream=S:244)(no_sa=S:1)(max_sa=S:8000)(pub_status=I:1)(pvt_status=I:1)(dmz_status=I:1)(dmz2_status=I:0)(sys_up_time=S:1039545)(sys_time=S:Sun Feb 22 21:25:55 2009 )(cpu_util_5=S:9.99)(no_blocked_ips=S:0)(max_blocked_ips=I:0)(total-denied-packets=S:93894)(total-auth-users=S:1)(log-server-ip=S:172.16.151.58)(log-server-status=S:Connected). msg_id="0F00-0051"       Debug
2009-02-22 21:25:55 wgcgi_bin 23512----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:55 Allow 81.161.192.4 205.238.249.55 http/tcp 238 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 15597569 win 0" rc="100"       Traffic
2009-02-22 21:25:55 Deny 99.17.237.99 205.238.249.55 10263/udp 32557 10263 0-External Firebox denied 131 115 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:56 wgcgi_bin 23514----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:56 wgcgi_bin CMM cmd 4_604 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:56   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       2814        4   604                                                                   (activeFeature=(=(feature=S:VIP_LB)(type=I:1)(capacity=S:0)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:QOS)(type=I:1)(capacity=S:100)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:MUVPN_USER)(type=I:1)(capacity=S:50)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:HA)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:BOVPN_TUNNEL)(type=I:1)(capacity=S:100)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:3DES)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:OSPF)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:LIVESECURITY)(type=I:1)(capacity=S:1)(status=I:2)(expiration=S:1235192400)(comment=S:))(=(feature=S:FIREWARE)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:AUTH_DOMAIN)(type=I:1)(capacity= new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       2814        4   604                                                                   (activeFeature=(=(feature=S:VIP_LB)(type=I:1)(capacity=S:0)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:QOS)(type=I:1)(capacity=S:100)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:MUVPN_USER)(type=I:1)(capacity=S:50)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:HA)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:BOVPN_TUNNEL)(type=I:1)(capacity=S:100)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:3DES)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:OSPF)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:LIVESECURITY)(type=I:1)(capacity=S:1)(status=I:2)(expiration=S:1235192400)(comment=S:))(=(feature=S:FIREWARE)(type=I:1)(capacity=S:1)(status=I:1)(expiration=S:0)(comment=S:))(=(feature=S:AUTH_DOMAIN)(type=I:1)(capacity="       Debug
2009-02-22 21:25:56 wgcgi_bin 23514----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:56 wgcgi_bin 23515----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:56 wgcgi_bin CMM cmd 1_203 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd resp is RS0       834         1   203                                                                   (num-if=I:8)(if-counter-list=(=(if-index=I:0)(denied-packets=S:93789)(counters=(=S:0)(=S:1948940)(=S:27835)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:1)(denied-packets=S:40)(counters=(=S:2335122)(=S:0)(=S:104092)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:2)(denied-packets=S:66)(counters=(=S:26837)(=S:109696)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:3)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:4)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:5)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:6)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))(=(if-index=I:7)(denied-packets=S:0)(counters=(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)(=S:0)))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 wgcgi_bin 23515----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:56 wgcgi_bin 23517----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:56 wgcgi_bin CMM cmd 4_831 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd resp is RS0       61          4   831                                                                   (mode=I:0)(drop-in-mode=I:0)(ip=S:0.0.0.0)(netmask=S:0.0.0.0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 wgcgi_bin 23517----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:56 wgcgi_bin 23519----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw CMM command (111 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:56 wgcgi_bin CMM cmd 4_100 [(info-type=I:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:56 Allow 220.255.168.174 205.238.249.55 10546/tcp 24484 10546 0-External 1-Lancaster RST received 40 239 (Outgoing-00)  dst_ip_nat="172.16.151.87" dst_port_nat="1386" tcpinfo="offset 5 AR 0 win 0" rc="100"       Traffic
2009-02-22 21:25:56   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4 new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4"       Debug
2009-02-22 21:25:56 wgcgi_bin 23519----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:56 wgcgi_bin 23544----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:56 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:56 wgcgi_bin Handling raw SNMP command (192 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:56 wgcgi_bin 23544----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 wgcgi_bin 23545----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw SNMP command (226 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin 23545----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 Deny 207.216.248.192 205.238.249.55 10203/udp 32988 10203 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:57 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:57 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:57 wgcgi_bin 23546----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw SNMP command (216 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin 23546----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:25:57 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:25:57 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=b617bd99 a5ab2c8e r=38d5961a b2080f5c msg_id="0203-5059"       Debug
2009-02-22 21:25:57 wgcgi_bin 23547----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw CMM command (108 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:57 wgcgi_bin CMM cmd 4_971 [(vlanId=I:0)] msg_id="0F02-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:57 wgcgi_bin cmm/cmd resp is RS0       19          4   971                                                                   (vlan-info-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:57 wgcgi_bin 23547----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 dhcpd  DHCPINFORM from 192.168.3.55 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:57 wgcgi_bin 23548----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw SNMP command (75 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin 23548----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:57 wgcgi_bin 23549----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:57 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:57 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:57 wgcgi_bin CMM cmd 4_525 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:57 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:57   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A.""       Debug
2009-02-22 21:25:57 wgcgi_bin 23549----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 wgcgi_bin 23550----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 4_134 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009  new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009 "       Debug
2009-02-22 21:25:58 wgcgi_bin 23550----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 Allow 172.16.151.14 204.141.57.101 https/tcp 2901 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10029" tcpinfo="offset 6 S 201162752 win 5840" rc="100"       Traffic
2009-02-22 21:25:58 wgcgi_bin 23551----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 4_961 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd resp is RS0       215         4   961                                                                   (ike-policy-group-num=I:4)(ike-policy-group-list=(=(id=S:1)(name=S:Cisco_MAS)(num=S:1))(=(id=S:2)(name=S:Edge_Altoona)(num=S:1))(=(id=S:3)(name=S:Edge_Harrisburg)(num=S:0))(=(id=S:4)(name=S:Reliance_Bank)(num=S:0))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 wgcgi_bin 23551----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 Allow 172.16.151.14 204.141.57.101 https/tcp 2901 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10029" tcpinfo="offset 5 AR 201162821 win 5788" rc="100"       Traffic
2009-02-22 21:25:58 Allow 172.16.151.14 204.141.57.101 https/tcp 2901 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10029" tcpinfo="offset 5 R 201162821 win 0" rc="100"       Traffic
2009-02-22 21:25:58 wgcgi_bin 23552----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 2_505 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 cmm_server  switch: MSG_ID_PCY_GET_ALL_ACTIVE_USERS        Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd resp is RS0       8           2   505                                                                   (users=). msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 wgcgi_bin 23552----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 wgcgi_bin 23554----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 2_585 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 cmm_server  MSG_ID_PCY_GET_SSLVPN_TUNNEL_LIST        Debug
2009-02-22 21:25:58 sslvpn[9704]  MANAGEMENT: Client connected from 127.0.0.1:7505        Debug
2009-02-22 21:25:58 sslvpn[9704]  MANAGEMENT: Client disconnected        Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd resp is RS0       191         2   585                                                                   (num=I:1)(tunnel-list=(=(user=S:drreim)(real-ip=S:173.67.138.199)(real-port=S:63289)(virtual-ip=S:192.168.100.2)(logon-time=S:Sun:Feb:22:21:25:36:2009)(send-bytes=S:4068)(recv-Bytes=S:3563))). msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 wgcgi_bin 23554----stop msg_id="0F00-0002"       Debug
2009-02-22 21:25:58 wgcgi_bin 23563----start msg_id="0F00-0001"       Debug
2009-02-22 21:25:58 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:25:58 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:25:58 wgcgi_bin CMM cmd 2_582 [] msg_id="0F02-0009"       Debug
2009-02-22 21:25:58 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:25:58 cmm_server  switch: MSG_ID_PCY_GET_PPTP_TUNNEL        Debug
2009-02-22 21:25:59 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:25:59 Allow 81.161.192.4 205.238.249.55 http/tcp 43536 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2853175296 win 65535" rc="100"       Traffic
2009-02-22 21:25:59 Allow 81.161.192.4 205.238.249.55 http/tcp 43536 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2853175297 win 0" rc="100"       Traffic
2009-02-22 21:25:59 Deny 68.52.236.114 205.238.249.55 10387/udp 39065 10387 0-External Firebox denied 131 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:25:59 Allow 172.16.151.58 207.206.239.17 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10023" rc="100"       Traffic
2009-02-22 21:25:59 wgcgi_bin cmm/cmd resp is RS0       9           2   582                                                                   (num=S:0). msg_id="0F00-0051"       Debug
2009-02-22 21:25:59 wgcgi_bin 23563----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:00 wgcgi_bin 23577----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:00 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:00 wgcgi_bin Handling raw CLI command (107 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:00 wgcgi_bin CLI cmd 4_331 [cfm counter] msg_id="0F02-0007"       Debug
2009-02-22 21:26:00 wgcgi_bin CLI comand: cfm counter msg_id="0F02-0011"       Debug
2009-02-22 21:26:00 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.UjkaIS -o /tmp/cli_output.vfvzbC msg_id="0F02-0015"       Debug
2009-02-22 21:26:00 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:00 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:00 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=b617bd99 a5ab2c8e r=7aa9d173 a07b32c9 msg_id="0203-5059"       Debug
2009-02-22 21:26:00 proxy[12600] received UDS event to='rd/dev/cfm0' msg_id="0F02-0150"       Debug
2009-02-22 21:26:00 proxy[12600] received UDS command='counter' id=[17767] from='dev/client.23601' msg_id="0F02-0153"       Debug
2009-02-22 21:26:00   pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23601' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti new_msg=" pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23601' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti"       Debug
2009-02-22 21:26:00 Allow 172.16.151.250 199.93.44.45 dns/udp 49172 53 1-Lancaster 0-External allowed, idle timeout=15 sec 76 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10023" rc="100"       Traffic
2009-02-22 21:26:00 Deny 83.198.227.82 205.238.249.55 14192/udp 20277 14192 0-External Firebox denied 126 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:00 Allow 172.16.151.79 65.55.184.253 http/tcp 1162 80 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" tcpinfo="offset 7 S 2618997992 win 65535" rc="100"       Traffic
2009-02-22 21:26:00 Allow 172.16.151.79 65.55.184.253 http/tcp 1162 80 1-Lancaster 0-External RST received 40 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10021" tcpinfo="offset 5 AR 2618999614 win 0" rc="100"       Traffic
2009-02-22 21:26:01 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:01 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:01 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:01 proxy[12600] received UDS event to='rd/dev/cfm0' msg_id="0F02-0150"       Debug
2009-02-22 21:26:01 proxy[12600] received UDS command='counter' id=[17767] from='dev/client.23677' msg_id="0F02-0153"       Debug
2009-02-22 21:26:01   pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23677' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti new_msg=" pri="3" msg_id="0F02-0158" msg="sent UDS response 'dev/client.23677' to='<av>   <stat>     <num_files>0</num_files>     <num_viruses>0</num_viruses>     <num_not_scanned>0</num_not_scanned>   </stat> </av> <ips>   <stat>     <num_payloads>0</num_payloads>     <num_attacks>0</num_attacks>     <num_dropped>0</num_dropped>     <num_connections>0</num_connections>   </stat> </ips> <ftp>   <stat>     <num_connections>0</num_connections>     <num_passed_commands>0</num_passed_commands>     <num_limits>0</num_limits>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>     <num_commands>0</num_commands>     <num_ips>0</num_ips>   </stat> </ftp> <tftp>   <stat>     <num_connections>0</num_connections>     <num_uploads>0</num_uploads>     <num_downloads>0</num_downloads>   </stat> </tftp> <dns>   <stat>     <num_passed>0</num_passed>     <num_blocked>0</num_blocked>     <num_ips>0</num_ips>   </stat> </dns> <smtp>   <stat>     <num_ips>0</num_ips>     <num_connecti"       Debug
2009-02-22 21:26:01 wgcgi_bin Found prompt and submitted command: cfm counter msg_id="0F02-0012"       Debug
2009-02-22 21:26:01 wgcgi_bin 23577----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:01 wgcgi_bin 23722----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:01 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:01 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:01 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542198046] msg_id="0F02-0007"       Debug
2009-02-22 21:26:01 wgcgi_bin CLI comand: show log-cache sequence 5301348725542198046 msg_id="0F02-0011"       Debug
2009-02-22 21:26:01 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.GvcORq -o /tmp/cli_output.4BQ3j8 msg_id="0F02-0015"       Debug
2009-02-22 21:26:01 Deny 89.218.218.90 205.238.249.55 10376/udp 63922 10376 0-External Firebox denied 131 113 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:01 dhcpd  DHCPINFORM from 192.168.3.55 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:01 Allow 81.161.192.4 205.238.249.55 http/tcp 92 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 6029312 win 65535" rc="100"       Traffic
2009-02-22 21:26:02 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542198046 msg_id="0F02-0012"       Debug
2009-02-22 21:26:02 wgcgi_bin 23722----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:03 Deny 71.226.251.128 205.238.249.55 16081/udp 25348 16081 0-External Firebox denied 131 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:03 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:03 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:03 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=b617bd99 a5ab2c8e r=13a12fd4 25585581 msg_id="0203-5059"       Debug
2009-02-22 21:26:03 Deny 147.63.5.27 205.238.249.55 2001/udp 13061 2001 0-External Firebox denied 52 237 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:04 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:04 Allow 172.16.151.250 199.212.0.53 dns/udp 49307 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10089" rc="100"       Traffic
2009-02-22 21:26:04 Allow 172.16.151.58 58.52.242.234 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10090" rc="100"       Traffic
2009-02-22 21:26:04 Allow 172.16.151.213 124.239.86.239 8000/tcp 4481 8000 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10039" tcpinfo="offset 7 S 1764260999 win 65535" rc="100"       Traffic
2009-02-22 21:26:05 Allow 81.161.192.4 205.238.249.55 http/tcp 168 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 11010048 win 65535" rc="100"       Traffic
2009-02-22 21:26:05 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:05 Allow 81.161.192.4 205.238.249.55 http/tcp 168 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 11010049 win 0" rc="100"       Traffic
2009-02-22 21:26:05 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:06 Deny 216.121.179.50 205.238.249.55 10376/udp 42454 10376 0-External Firebox denied 131 118 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:06 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:26:06 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:26:07 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:26:07 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:26:07 Allow 81.161.192.4 205.238.249.55 http/tcp 41084 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2692481024 win 65535" rc="100"       Traffic
2009-02-22 21:26:07 Allow 192.168.3.1 192.168.3.51 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.51 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 124 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:07 Deny 92.243.167.109 205.238.249.55 15590/udp 44781 15590 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:08 wgcgi_bin 23781----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:08 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:08 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:08 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542200040] msg_id="0F02-0007"       Debug
2009-02-22 21:26:08 wgcgi_bin CLI comand: show log-cache sequence 5301348725542200040 msg_id="0F02-0011"       Debug
2009-02-22 21:26:08 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.lbBMbE -o /tmp/cli_output.g8VESb msg_id="0F02-0015"       Debug
2009-02-22 21:26:08 Deny 83.4.113.106 205.238.249.55 10071/udp 14267 10071 0-External Firebox denied 129 111 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 199.212.0.53 dns/udp 51075 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10091" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.13 204.141.57.101 https/tcp 3142 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10030" tcpinfo="offset 6 S 188469248 win 5840" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 192.93.0.4 dns/udp 55840 53 1-Lancaster 0-External allowed, idle timeout=15 sec 66 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10034" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.13 204.141.57.101 https/tcp 3142 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10030" tcpinfo="offset 5 AR 188469317 win 0" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 212.33.225.211 dns/udp 57851 53 1-Lancaster 0-External allowed, idle timeout=15 sec 66 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10011" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 192.93.0.4 dns/udp 49209 53 1-Lancaster 0-External allowed, idle timeout=15 sec 58 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" rc="100"       Traffic
2009-02-22 21:26:09 Deny 58.186.3.253 205.238.249.55 14192/udp 12258 14192 0-External Firebox denied 126 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 91.144.128.1 dns/udp 50714 53 1-Lancaster 0-External allowed, idle timeout=15 sec 58 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10040" rc="100"       Traffic
2009-02-22 21:26:09 Allow 192.168.3.55 172.16.151.250 dns/udp 58759 53 2-Williamsport 1-Lancaster allowed, idle timeout=15 sec 60 128 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:09 Allow 192.168.3.1 192.168.3.55 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.55 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:09 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542200040 msg_id="0F02-0012"       Debug
2009-02-22 21:26:09 wgcgi_bin 23781----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:09 Allow 172.16.151.250 91.144.130.1 dns/udp 63924 53 1-Lancaster 0-External allowed, idle timeout=15 sec 66 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10015" rc="100"       Traffic
2009-02-22 21:26:09 Allow 172.16.151.250 91.144.128.1 dns/udp 51842 53 1-Lancaster 0-External allowed, idle timeout=15 sec 73 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10041" rc="100"       Traffic
2009-02-22 21:26:10 Allow 81.161.192.4 205.238.249.55 http/tcp 41084 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2692481025 win 0" rc="100"       Traffic
2009-02-22 21:26:10 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:26:10 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:26:10 Allow 172.16.151.250 193.0.0.193 dns/udp 56418 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10033" rc="100"       Traffic
2009-02-22 21:26:10 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:10 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:10 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d14a8db0 ff457cc1 r=bb68b9e3 22126b2c msg_id="0203-5059"       Debug
2009-02-22 21:26:10 Allow 172.16.151.250 193.0.0.193 dns/udp 54114 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10034" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.13 12.149.218.73 https/tcp 3143 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10042" tcpinfo="offset 6 S 193581056 win 5840" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.250 194.170.1.99 dns/udp 59770 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10043" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.13 12.149.218.73 https/tcp 3143 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10042" tcpinfo="offset 5 AR 193581125 win 5788" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.13 12.149.218.73 https/tcp 3143 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10042" tcpinfo="offset 5 R 193581125 win 0" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.250 195.229.237.52 dns/udp 59770 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10024" rc="100"       Traffic
2009-02-22 21:26:10 Allow 81.161.192.4 205.238.249.55 http/tcp 92 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 6029313 win 0" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.250 194.170.1.6 dns/udp 59770 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10025" rc="100"       Traffic
2009-02-22 21:26:10 Allow 172.16.151.250 194.170.1.7 dns/udp 59770 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10018" rc="100"       Traffic
2009-02-22 21:26:11 Allow 192.168.3.1 192.168.3.55 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.55 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:11 Allow 81.161.192.4 205.238.249.55 http/tcp 24691 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 1618149376 win 65535" rc="100"       Traffic
2009-02-22 21:26:11 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:11 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:11 Allow 81.161.192.4 205.238.249.55 http/tcp 24691 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 1618149377 win 0" rc="100"       Traffic
2009-02-22 21:26:11 iked Received a keepalive_request message from 207.255.24.68:500 msg_id="0203-5066"       Debug
2009-02-22 21:26:11 iked  Sending keepalive_ack message to 207.255.24.68:500 msg_id="0203-5060"       Debug
2009-02-22 21:26:12 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:12 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:12 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d14a8db0 ff457cc1 r=2d72dcab 9b10d519 msg_id="0203-5059"       Debug
2009-02-22 21:26:12 Allow 192.168.3.1 192.168.3.55 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.55 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:12 Allow 81.161.192.4 205.238.249.55 http/tcp 64 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 4194305 win 0" rc="100"       Traffic
2009-02-22 21:26:13 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:13 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:13 Allow 81.161.192.4 205.238.249.55 http/tcp 32 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2097152 win 65535" rc="100"       Traffic
2009-02-22 21:26:14 Deny 81.161.192.4 205.238.249.55 http/tcp 0 80 0-External unknown Packet with src/dst port 0, firewall drop 40 19 (internal policy)  tcpinfo="offset 5 S 0 win 65535" rc="101"       Traffic
2009-02-22 21:26:14 ma  mia alarm notification.        Debug
2009-02-22 21:26:14 Traffic 8008  Traffic detected,  proc_id="ma" msg_id="0401-1000" time="Sun Feb 22 21:26:14 2009 (EST)" hostname="FireboxX750e.kourt.com"       Alarm
2009-02-22 21:26:14 Allow 81.161.192.4 205.238.249.55 http/tcp 32 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2097153 win 0" rc="100"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 193.0.0.193 dns/udp 51402 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10035" rc="100"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 195.229.237.52 dns/udp 59293 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10026" rc="100"       Traffic
2009-02-22 21:26:14 Deny 70.82.239.211 205.238.249.55 10507/udp 38854 10507 0-External Firebox denied 131 112 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 194.170.1.99 dns/udp 59293 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10044" rc="100"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 194.170.1.6 dns/udp 59293 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10027" rc="100"       Traffic
2009-02-22 21:26:14 Allow 172.16.151.252 194.170.1.7 dns/udp 59293 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10019" rc="100"       Traffic
2009-02-22 21:26:15 wgcgi_bin 23838----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:15 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:15 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:15 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542200070] msg_id="0F02-0007"       Debug
2009-02-22 21:26:15 wgcgi_bin CLI comand: show log-cache sequence 5301348725542200070 msg_id="0F02-0011"       Debug
2009-02-22 21:26:15 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.aAvDXD -o /tmp/cli_output.K3ey81 msg_id="0F02-0015"       Debug
2009-02-22 21:26:15 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:15 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:15 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d14a8db0 ff457cc1 r=58b33827 2449e53b msg_id="0203-5059"       Debug
2009-02-22 21:26:15 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:16 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542200070 msg_id="0F02-0012"       Debug
2009-02-22 21:26:16 wgcgi_bin 23838----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:16 Allow 192.168.3.55 172.16.151.250 dns/udp 60356 53 2-Williamsport 1-Lancaster allowed, idle timeout=15 sec 66 128 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:16 Allow 192.168.3.55 65.55.184.253 http/tcp 2227 80 2-Williamsport 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10022" tcpinfo="offset 7 S 3492196438 win 65535" rc="100"       Traffic
2009-02-22 21:26:16 Allow 192.168.3.55 65.55.184.253 http/tcp 2227 80 2-Williamsport 0-External RST received 40 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10022" tcpinfo="offset 5 AR 3492198060 win 0" rc="100"       Traffic
2009-02-22 21:26:16 Deny 202.101.165.202 205.238.249.62 1434/udp 1079 1434 0-External 0-External denied 404 109 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:16 Deny 91.156.142.79 205.238.249.55 15590/udp 47720 15590 0-External Firebox denied 131 115 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:17 Traffic 8008  Traffic detected,  proc_id="ma" msg_id="0401-1000" time="Sun Feb 22 21:26:17 2009 (EST)" hostname="FireboxX750e.kourt.com"       Alarm
2009-02-22 21:26:17 Deny 81.161.192.4 205.238.249.55 http/tcp 0 80 0-External unknown Packet with src/dst port 0, firewall drop 40 19 (internal policy)  tcpinfo="offset 5 S 0 win 65535" rc="101"       Traffic
2009-02-22 21:26:17 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:17 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:17 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:17 Allow 172.16.151.112 75.33.87.76 36855/tcp 1420 36855 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10012" tcpinfo="offset 7 S 3431738764 win 65535" rc="100"       Traffic
2009-02-22 21:26:17 Allow 75.33.87.76 205.238.249.55 10012/tcp 36855 10012 0-External 1-Lancaster RST received 63 243 (Outgoing-00)  dst_ip_nat="172.16.151.112" dst_port_nat="1420" tcpinfo="offset 5 AR 0 win 0" rc="100"       Traffic
2009-02-22 21:26:18 Allow 75.33.87.76 205.238.249.55 10012/tcp 36855 10012 0-External 1-Lancaster RST received 63 243 (Outgoing-00)  dst_ip_nat="172.16.151.112" dst_port_nat="1420" tcpinfo="offset 5 AR 0 win 0" rc="100"       Traffic
2009-02-22 21:26:18 Deny 24.11.91.28 205.238.249.55 14750/udp 12656 14750 0-External Firebox denied 131 114 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:18 Allow 81.161.192.4 205.238.249.55 http/tcp 8221 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 538771456 win 65535" rc="100"       Traffic
2009-02-22 21:26:18 Deny 78.51.6.148 205.238.249.55 10147/udp 12071 10147 0-External Firebox denied 131 113 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:18 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:18 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:18 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=d14a8db0 ff457cc1 r=f839172d f1caf57b msg_id="0203-5059"       Debug
2009-02-22 21:26:18 Allow 81.161.192.4 205.238.249.55 http/tcp 8221 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 538771457 win 0" rc="100"       Traffic
2009-02-22 21:26:18 Allow 75.33.87.76 205.238.249.55 10012/tcp 36855 10012 0-External 1-Lancaster RST received 63 243 (Outgoing-00)  dst_ip_nat="172.16.151.112" dst_port_nat="1420" tcpinfo="offset 5 AR 0 win 0" rc="100"       Traffic
2009-02-22 21:26:19 Allow 172.16.151.14 12.149.218.73 https/tcp 2902 443 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 44 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10045" tcpinfo="offset 6 S 19107840 win 5840" rc="100"       Traffic
2009-02-22 21:26:19 Allow 172.16.151.14 12.149.218.73 https/tcp 2902 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10045" tcpinfo="offset 5 AR 19107909 win 5788" rc="100"       Traffic
2009-02-22 21:26:19 Allow 172.16.151.14 12.149.218.73 https/tcp 2902 443 1-Lancaster 0-External RST received 40 60 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10045" tcpinfo="offset 5 R 19107909 win 0" rc="100"       Traffic
2009-02-22 21:26:20 Deny 61.216.170.110 205.238.249.55 10071/udp 19064 10071 0-External Firebox denied 129 236 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:21 wgcgi_bin 23894----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (179 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 1_1 [(id=S:status)(challenge=S:WAbcxCrzBao9kBdoGhc+qhrbOH4NhaD6/8rMC34jQ42Bw6x7gjYGkw==)(src_ip=S:172.16.151.58)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server status logged in from 172.16.151.58 msg_id="0100-0531"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       381         1   1                                                                     (sid=S:1696824075)(response=S:DvTceoUMefXY4nNSaH8J37t87iY6z7YWhe8dW+6vFgFACXGe9vBeA5u4up+dbXZk)(e_right=(account_admin=I:1)(sys_config=I:1)(pcy_backup=I:1)(log_backup=I:1)(pcy_config=I:1)(alarm_setup=I:1)(alarm_clear=I:1)(rt_monitor=I:1))(b_right=(account_admin=I:1)(sys_config=I:1)(pcy_backup=I:1)(log_backup=I:1)(pcy_config=I:1)(alarm_setup=I:1)(alarm_clear=I:2)(rt_monitor=I:1))^_. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23894----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23897----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_201 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       186         4   201                                                                   (name=S:FireboxX750e)(contact=S:David Reim)(location=S:Plum Street)(version=S:10.2)(package=S:Firebox X750e)(sn=S:9085506255E37)(feature=S:1)(patch=S:7)(no_interface=I:8)(no_policy=I:28). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23897----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 iked Drop negotiation to peer 207.255.27.72:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:26:21 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=2) msg_id="0203-5166"       Debug
2009-02-22 21:26:21 wgcgi_bin 23898----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_525 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A." new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       345         4   525                                                                   (enabled=I:0)(ha_type=I:2)(is_primary=I:0)(local_cons_status=S:Disabled)(peer_cons_status=S:Disabled)(local_cons_status_int=I:0)(peer_cons_status_int=I:0)(primary_ha_status=I:1001)(secondary_ha_status=I:1001)(is_active=I:0)(fail_rc=S:)(fail_rc_int=I:0)(peer_fail_rc=S:)(peer_fail_rc_int=I:0)(primary_db_timestamp=S:0)(secondary_db_timestamp=S:0)" mý^A.""       Debug
2009-02-22 21:26:21 wgcgi_bin 23898----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23899----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (111 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_100 [(info-type=I:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4 new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1505        4   100                                                                   (phy-if-num=I:8)(lic-if-num=I:8)(if-list=(if-info=(if-name=S:External)(if-num=I:0)(gateway=S:205.238.249.49)(wan-target-status=I:1)(if-property=I:2)(ip=S:205.238.249.55)(enabled=I:1)(netmask=S:255.255.255.240)(mac=S:00:90:7F:3D:A1:11)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Lancaster)(if-num=I:1)(if-property=I:1)(ip=S:172.16.151.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:10)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Williamsport)(if-num=I:2)(if-property=I:1)(ip=S:192.168.3.1)(enabled=I:1)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0F)(link-status=I:1)(ip-assignment=I:1))(if-info=(if-name=S:Optional-2)(if-num=I:3)(if-property=I:3)(ip=S:10.0.3.1)(enabled=I:0)(netmask=S:255.255.255.0)(mac=S:00:90:7F:3D:A1:0E)(link-status=I:0)(ip-assignment=I:1))(if-info=(if-name=S:Optional-3)(if-num=I:4"       Debug
2009-02-22 21:26:21 wgcgi_bin 23899----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23924----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw SNMP command (570 bytes) msg_id="0F00-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin 23924----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23925----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_831 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       61          4   831                                                                   (mode=I:0)(drop-in-mode=I:0)(ip=S:0.0.0.0)(netmask=S:0.0.0.0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23925----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23926----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (108 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_971 [(vlanId=I:0)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       19          4   971                                                                   (vlan-info-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23926----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23927----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_134 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009  new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1516        4   134                                                                   (no_certs=I:3)(webserver_cert_id=S:30000)(webserver_cert_type=I:0)(certs=(=(type=I:1)(cert_id=S:29000)(name=S:205.238.249.55's KOURT \(RSA\))(algorithm=I:1)(key_length=I:1024)(key_usage=S:both)(subject=S:cn=205.238.249.55,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:205.238.249.55)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 21 21:49:09 2009 GMT)(valid_to=S:Feb 21 21:49:09 2010 GMT)(finger_print=S:D0:2E:12:92:C4:AB:A9:CC:59:3B:28:14:9B:F6:6D:B0)(ext_key_usage=I:3)(subject_alt_name=S:DNS=205.238.249.55,))(=(type=I:4)(cert_id=S:0)(name=S:cn=WatchGuard Certificate Authority,o=KOURT)(algorithm=I:1)(key_length=I:2048)(key_usage=S:sig)(subject=S:cn=WatchGuard Certificate Authority,o=KOURT)(issuer=S:cn=WatchGuard Certificate Authority,o=KOURT)(dns_name=S:)(ip_addr=S:)(rfc_name=S:)(valid_from=S:Feb 11 03:44:41 2009 "       Debug
2009-02-22 21:26:21 wgcgi_bin 23927----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23928----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 1_202 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       522         1   202                                                                   (total_in_byte=S:2791616822)(total_in_packet=S:6718134)(total_out_byte=S:3355523304)(total_out_packet=S:6433932)(ipsec_byte=S:320400)(ipsec_packet=S:2355)(no_stream=S:6038)(no_active_stream=S:169)(no_sa=S:1)(max_sa=S:8000)(pub_status=I:1)(pvt_status=I:1)(dmz_status=I:1)(dmz2_status=I:0)(sys_up_time=S:1039571)(sys_time=S:Sun Feb 22 21:26:21 2009 )(cpu_util_5=S:9.99)(no_blocked_ips=S:0)(max_blocked_ips=I:0)(total-denied-packets=S:93911)(total-auth-users=S:1)(log-server-ip=S:172.16.151.58)(log-server-status=S:Connected). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23928----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23930----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 2_505 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  switch: MSG_ID_PCY_GET_ALL_ACTIVE_USERS        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       8           2   505                                                                   (users=). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23930----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23931----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_961 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       215         4   961                                                                   (ike-policy-group-num=I:4)(ike-policy-group-list=(=(id=S:1)(name=S:Cisco_MAS)(num=S:1))(=(id=S:2)(name=S:Edge_Altoona)(num=S:1))(=(id=S:3)(name=S:Edge_Harrisburg)(num=S:0))(=(id=S:4)(name=S:Reliance_Bank)(num=S:0))). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23931----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23932----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:1)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: Tunnel_to_MAS, 1, 0        Debug
2009-02-22 21:26:21 cmm_server  num_active_local_remote_pairs=1        Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: 0, 0, 0, 0        Debug
2009-02-22 21:26:21 cmm_server  more = 0        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       563         4   962                                                                   (active-local-remote-pair-num=I:1)(active-local-remote-pair-list=(=(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(send-bytes=S:0)(send-packets=S:0)(recv-bytes=S:0)(recv-packets=S:0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(create-time=S:1235252942)(key=S:Auto \(IKE\))(security=S:ESP-3DES-SHA1)(total-tunnels=S:1)(total-active-tunnels=S:0)(tunnel-list=(tunnel-id=S:1)))). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23932----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23933----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (146 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_963 [(tunnel-list-num=I:1)(tunnel-list=(tunnel-id=S:1))] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1198        4   963                                                                   (total-tunnels=I:1)(total-active-tunnels=I:0)(tunnel-list=(=(status=I:0)(ike-policy-id=S:1)(ike-policy-name=S:Cisco_MAS)(ike-policy-gorup-id=S:1)(ike-policy-group-name=S:Cisco_MAS)(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:67.113.165.100)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235252942)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(tunnel-id=S:1)(life-size=S:0)(life-time=S:1727990)(accu-time=S:91)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:1081387220)(i-remain-time=S:1235252942)(i-sa-bytes=S:0)(i-sa-packets=S:0)(i-total-bytes=S:0)(i-total-packets=S:0)( new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       1198        4   963                                                                   (total-tunnels=I:1)(total-active-tunnels=I:0)(tunnel-list=(=(status=I:0)(ike-policy-id=S:1)(ike-policy-name=S:Cisco_MAS)(ike-policy-gorup-id=S:1)(ike-policy-group-name=S:Cisco_MAS)(ipsec-action-id=S:2)(ipsec-action-name=S:Tunnel_to_MAS)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:67.113.165.100)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235252942)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:10.146.40.0)(ip-two=S:255.255.248.0))(tunnel-id=S:1)(life-size=S:0)(life-time=S:1727990)(accu-time=S:91)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:1081387220)(i-remain-time=S:1235252942)(i-sa-bytes=S:0)(i-sa-packets=S:0)(i-total-bytes=S:0)(i-total-packets=S:0)("       Debug
2009-02-22 21:26:21 wgcgi_bin 23933----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23934----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:2)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: Tunnel_to_Altoona, 3, 1        Debug
2009-02-22 21:26:21 cmm_server  num_active_local_remote_pairs=1        Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: 263288, 0, 57112, 0        Debug
2009-02-22 21:26:21 cmm_server  more = 0        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       613         4   962                                                                   (active-local-remote-pair-num=I:1)(active-local-remote-pair-list=(=(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(send-bytes=S:263288)(send-packets=S:1878)(recv-bytes=S:57112)(recv-packets=S:477)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(create-time=S:1235252943)(key=S:Auto \(IKE\))(security=S:ESP-3DES-SHA1)(total-tunnels=S:3)(total-active-tunnels=S:1)(tunnel-list=(tunnel-id=S:4)(tunnel-id=S:2)(tunnel-id=S:3)))). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23934----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23935----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (176 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_963 [(tunnel-list-num=I:3)(tunnel-list=(tunnel-id=S:4)(tunnel-id=S:2)(tunnel-id=S:3))] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21   pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       3579        4   963                                                                   (total-tunnels=I:3)(total-active-tunnels=I:1)(tunnel-list=(=(status=I:1)(ike-policy-id=S:3)(ike-policy-name=S:Edge_Altoona)(ike-policy-gorup-id=S:2)(ike-policy-group-name=S:Edge_Altoona)(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:207.255.24.68)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235342814)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(tunnel-id=S:4)(life-size=S:0)(life-time=S:86390)(accu-time=S:13167)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:2024577307)(i-remain-time=S:1235342814)(i-sa-bytes=S:7552)(i-sa-packets=S:63)(i-total-bytes=S:7552)(i- new_msg=" pri="3" msg_id="0F00-0051" msg="cmm/cmd resp is RS0       3579        4   963                                                                   (total-tunnels=I:3)(total-active-tunnels=I:1)(tunnel-list=(=(status=I:1)(ike-policy-id=S:3)(ike-policy-name=S:Edge_Altoona)(ike-policy-gorup-id=S:2)(ike-policy-group-name=S:Edge_Altoona)(ipsec-action-id=S:1)(ipsec-action-name=S:Tunnel_to_Altoona)(local-gateway-addr=S:205.238.249.55)(remote-gateway-addr=S:207.255.24.68)(interface=S:eth0)(mode=S:Tunnel)(protocol=S:Any)(local-port=I:0)(remote-port=I:0)(key=S:Auto \(IKE\))(create-time=S:1235342814)(security=S:ESP-3DES-SHA1)(selector-local-ip=(ip-type=I:2)(ip-one=S:172.16.151.0)(ip-two=S:255.255.255.0))(selector-remote-ip=(ip-type=I:2)(ip-one=S:192.168.222.0)(ip-two=S:255.255.255.0))(tunnel-id=S:4)(life-size=S:0)(life-time=S:86390)(accu-time=S:13167)(accu-bytes=S:0)(num-rekey=S:0)(i-spi=S:2024577307)(i-remain-time=S:1235342814)(i-sa-bytes=S:7552)(i-sa-packets=S:63)(i-total-bytes=S:7552)(i-"       Debug
2009-02-22 21:26:21 wgcgi_bin 23935----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23936----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:3)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: risburg, -805365692, 2        Debug
2009-02-22 21:26:21 cmm_server  num_active_local_remote_pairs=0        Debug
2009-02-22 21:26:21 cmm_server  more = 0        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       34          4   962                                                                   (active-local-remote-pair-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23936----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23937----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (121 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 4_962 [(ike-policy-group-id=S:4)] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  check local remote pairs: _Bank, -805365692, 2        Debug
2009-02-22 21:26:21 cmm_server  num_active_local_remote_pairs=0        Debug
2009-02-22 21:26:21 cmm_server  more = 0        Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd resp is RS0       34          4   962                                                                   (active-local-remote-pair-num=I:0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 wgcgi_bin 23937----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:21 wgcgi_bin 23938----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:21 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542200135] msg_id="0F02-0007"       Debug
2009-02-22 21:26:21 wgcgi_bin CLI comand: show log-cache sequence 5301348725542200135 msg_id="0F02-0011"       Debug
2009-02-22 21:26:21 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.AV3GJI -o /tmp/cli_output.bfMMoX msg_id="0F02-0015"       Debug
2009-02-22 21:26:21 wgcgi_bin 23964----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:21 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:21 wgcgi_bin CMM cmd 2_582 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:21 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:21 cmm_server  switch: MSG_ID_PCY_GET_PPTP_TUNNEL        Debug
2009-02-22 21:26:22 iked Drop negotiation to peer 74.46.76.246:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2009-02-22 21:26:22 iked Notify kernel - peer gateway is DOWN (ifIdx=2 pcyId=4) msg_id="0203-5166"       Debug
2009-02-22 21:26:22 wgcgi_bin cmm/cmd resp is RS0       9           2   582                                                                   (num=S:0). msg_id="0F00-0051"       Debug
2009-02-22 21:26:22 wgcgi_bin 23964----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:22 wgcgi_bin 23981----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:22 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:22 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:22 wgcgi_bin CMM cmd 2_585 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:22 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:23 cmm_server  MSG_ID_PCY_GET_SSLVPN_TUNNEL_LIST        Debug
2009-02-22 21:26:23 sslvpn[9704]  MANAGEMENT: Client connected from 127.0.0.1:7505        Debug
2009-02-22 21:26:23 sslvpn[9704]  MANAGEMENT: Client disconnected        Debug
2009-02-22 21:26:23 wgcgi_bin cmm/cmd resp is RS0       191         2   585                                                                   (num=I:1)(tunnel-list=(=(user=S:drreim)(real-ip=S:173.67.138.199)(real-port=S:63289)(virtual-ip=S:192.168.100.2)(logon-time=S:Sun:Feb:22:21:25:36:2009)(send-bytes=S:4221)(recv-Bytes=S:3710))). msg_id="0F00-0051"       Debug
2009-02-22 21:26:23 wgcgi_bin 23981----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:23 wgcgi_bin 24014----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:23 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2009-02-22 21:26:23 wgcgi_bin Handling raw CMM command (96 bytes) msg_id="0F00-0006"       Debug
2009-02-22 21:26:23 wgcgi_bin CMM cmd 1_3 [] msg_id="0F02-0009"       Debug
2009-02-22 21:26:23 wgcgi_bin cmm/cmd hdr is RS1.0. msg_id="0F00-0051"       Debug
2009-02-22 21:26:23 cmm_server status logged out msg_id="0100-0532"       Debug
2009-02-22 21:26:23 wgcgi_bin cmm/cmd resp is RS0       0           1   3                                                                     . msg_id="0F00-0051"       Debug
2009-02-22 21:26:23 wgcgi_bin 24014----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:23 Allow 81.161.192.4 205.238.249.55 http/tcp 32 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2097153 win 0" rc="100"       Traffic
2009-02-22 21:26:23 Allow 81.161.192.4 205.238.249.55 http/tcp 224 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 14680064 win 65535" rc="100"       Traffic
2009-02-22 21:26:23 Allow 81.161.192.4 205.238.249.55 http/tcp 224 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 14680065 win 0" rc="100"       Traffic
2009-02-22 21:26:24 wgcgi_bin Found prompt and submitted command: show log-cache sequence 5301348725542200135 msg_id="0F02-0012"       Debug
2009-02-22 21:26:24 wgcgi_bin 23938----stop msg_id="0F00-0002"       Debug
2009-02-22 21:26:24 Allow 172.16.151.252 64.251.27.193 dns/udp 60937 53 1-Lancaster 0-External allowed, idle timeout=15 sec 80 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10013" rc="100"       Traffic
2009-02-22 21:26:25 Deny 213.238.127.61 205.238.249.55 10147/udp 18230 10147 0-External Firebox denied 129 107 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:25 iked Starting phase 1 negotiation using  [Reliance_Bank] to 207.255.27.72:500 aggressive mode msg_id="0203-5051"       Debug
2009-02-22 21:26:25 iked Starting phase 1 negotiation using  [Edge_Harrisburg] to 74.46.76.246:500 main mode msg_id="0203-5031"       Debug
2009-02-22 21:26:25 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:25 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:25 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=4014c68e 133cf2cb r=1936fc98 f9acabaa msg_id="0203-5059"       Debug
2009-02-22 21:26:25 Allow 172.16.151.58 86.99.130.206 netbios-ns/udp 137 137 1-Lancaster 0-External allowed, idle timeout=15 sec 78 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10036" rc="100"       Traffic
2009-02-22 21:26:26 Deny 222.165.94.179 205.238.249.55 10019/udp 24175 10019 0-External Firebox denied 126 110 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:26 Allow 172.16.151.213 124.239.86.239 8000/tcp 4482 8000 1-Lancaster 0-External allowed, mss not exceeding 1460, idle timeout=43205 sec 48 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10046" tcpinfo="offset 7 S 1351501714 win 65535" rc="100"       Traffic
2009-02-22 21:26:27 dhcpd  DHCPINFORM from 192.168.3.51 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:27 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:27 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:27 iked  Process Notify Payload : Invalid Protocol Id 0         Debug
2009-02-22 21:26:27 iked  Process INFO_EXCHANGE : failed to process NOTIFY payload        Debug
2009-02-22 21:26:27 iked Cannot process the inform message from 207.255.27.72:500 to 205.238.249.55 cookies i=4014c68e 133cf2cb r=ff26adc0 90462c57 msg_id="0203-5059"       Debug
2009-02-22 21:26:27 Deny 124.227.192.107 205.238.249.55 15791/udp 41410 15791 0-External Firebox denied 90 107 (Unhandled External Packet-00)  rc="101"       Traffic
2009-02-22 21:26:28 Allow 172.16.151.252 64.251.27.193 dns/udp 65100 53 1-Lancaster 0-External allowed, idle timeout=15 sec 80 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10014" rc="100"       Traffic
2009-02-22 21:26:28 Allow 192.168.3.1 192.168.3.50 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.50 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:29 Allow 81.161.192.4 205.238.249.55 http/tcp 32782 80 0-External 1-Lancaster allowed, mss not exceeding 1460, idle timeout=43205 sec 40 19 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 S 2148401152 win 65535" rc="100"       Traffic
2009-02-22 21:26:29 Deny 81.161.192.4 205.238.249.55 http/tcp 0 80 0-External unknown Packet with src/dst port 0, firewall drop 40 19 (internal policy)  tcpinfo="offset 5 S 0 win 65535" rc="101"       Traffic
2009-02-22 21:26:29 Traffic 8008  Traffic detected,  proc_id="ma" msg_id="0401-1000" time="Sun Feb 22 21:26:29 2009 (EST)" hostname="FireboxX750e.kourt.com"       Alarm
2009-02-22 21:26:29 dhcpd  DHCPINFORM from 192.168.3.57 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:29 dhcpd  DHCPINFORM from 192.168.3.59 via eth2: not authoritative for subnet 192.168.3.0        Debug
2009-02-22 21:26:29 Allow 81.161.192.4 205.238.249.55 http/tcp 32782 80 0-External 1-Lancaster RST received 40 49 (HTTP-00)  dst_ip_nat="172.16.151.208" tcpinfo="offset 5 R 2148401153 win 0" rc="100"       Traffic
2009-02-22 21:26:29 Allow 192.168.3.1 192.168.3.50 icmp-Dest_Unreach code(3)   Firebox 2-Williamsport icmp error with data src_ip=192.168.3.50 dst_ip=192.168.3.1 pr=netbios-ns/udp src_port=137 dst_port=137 src_intf='2-Williamsport' dst_intf='0'  matching flow, allowed 106 64 (Outgoing-00)  rc="100"       Traffic
2009-02-22 21:26:29 wgcgi_bin 24021----start msg_id="0F00-0001"       Debug
2009-02-22 21:26:29 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2009-02-22 21:26:29 wgcgi_bin Handling raw CLI command (139 bytes) msg_id="0F00-0007"       Debug
2009-02-22 21:26:29 wgcgi_bin CLI cmd 4_331 [show log-cache sequence 5301348725542200330] msg_id="0F02-0007"       Debug
2009-02-22 21:26:29 wgcgi_bin CLI comand: show log-cache sequence 5301348725542200330 msg_id="0F02-0011"       Debug
2009-02-22 21:26:29 wgcgi_bin Launching: /bin/cli -s 2086856821   -i /tmp/cli_input.2ZJ6SQ -o /tmp/cli_output.zg2atU msg_id="0F02-0015"       Debug
2009-02-22 21:26:29 Allow 172.16.151.250 199.212.0.53 dns/udp 51038 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10092" rc="100"       Traffic
2009-02-22 21:26:29 Allow 172.16.151.250 82.216.111.75 dns/udp 58869 53 1-Lancaster 0-External allowed, idle timeout=15 sec 72 128 (Outgoing-00)  src_ip_nat="205.238.249.55" src_port_nat="10020" rc="100"       Traffic
0
 
dpk_walCommented:
Good to know that the problem is resolved! :)
0
 
it-kourtAuthor Commented:
If running SSL VPN on a Vista client disable UAC

C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

or instruct user to run as administrator to start the SSL VPN
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.