Cisco Firepower 4110 Preparative Procedures & Operational User Manual page 19
Firepower 4100 series; firepower 9000 series
Hide thumbs
Also See for Firepower 4110:
- Hardware installation manual (84 pages) ,
- Manual (26 pages) ,
- Getting started (42 pages)
Table of Contents
Advertisement
Cisco Preparative Procedures & Operational User Guide
SFR
Auditable
Event
establish an
IPsec SA.
FCS_SSHS_EXT.1
Failure to
establish an
SSH session
Successful
SSH rekey
FCS_TLSC_EXT.2
Failure to
establish an
TLS Session
© 2016 Cisco Systems, Inc. All rights reserved.
Actual Audited Event
between IP_ADDRESS [C=US, ST=CA, O=cisco, OU=STBU,
CN=D_NAME]...IP_ADDRESS [C=US, O=Luo, CN=D_NAME] - charon-
custom
%AUTHPRIV-6-SYSTEM_MSG: 15[IKE] IKE SA key size (128) is less then
CHILD SA key size (256), sa strength violation - charon-custom
%AUTHPRIV-6-SYSTEM_MSG: 15[IKE] failed to establish CHILD_SA,
keeping IKE_SA - charon-custom
%AUTHPRIV-6-SYSTEM_MSG: 15[IKE] received AUTH_LIFETIME of
9850s, scheduling reauthentication in 8410s - charon-custom
2017 Jan 31 10:10:04 mio4-A %AUTHPRIV-6-SYSTEM_MSG: 15[IKE]
sending DELETE for ESP CHILD_SA with SPI cd365fb3 - char on-custom
%FPRM-6-AUDIT: [session][internal][creation][internal][213987][sys/user-
ext/sh-login-admin-pts_0_1_4614][id:pts_0_1_4614, name: USERNAME,
policyOwner:local][] Fabric A: local user USERNAME logged in from
IP_ADDRESS
%AUTHPRIV-6-SYSTEM_MSG: pam_unix(sshd:session): session closed for
user USERNAME – sshd[25700]
%AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user
USERNAME from IP_ADDRESS - sshd[3094]
%DAEMON-7-SYSTEM_MSG: debug1: set_newkeys: rekeying -
sshd[29140]
%USER-6-SYSTEM_MSG: [ssl:info] [pid 8926:tid 1823603600] [client
IP_ADDRESS:60782] AH01964: Connection to child 124 established (server
IP_ADDRESS:443) - httpd[8926]
%USER-6-SYSTEM_MSG: [ssl:info] [pid 19718:tid 1953270672] [client
IP_ADDRESS:60106] AH02008: SSL library error 1 in handshake (server
IP_ADDRESS:443) - httpd[19718]
%USER-6-SYSTEM_MSG: [ssl:info] [pid 19718:tid 1953270672] SSL
Library Error: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared
cipher -- Too restrictive SSLCipherSuite or using DSA server certificate? -
httpd[19718]
%USER-6-SYSTEM_MSG: [ssl:info] [pid 8926:tid 1823603600] [client
IP_ADDRESS:60782] AH02008: SSL library error 1 in handshake (server
IP_ADDRESS:443) - httpd[8926]
%USER-6-SYSTEM_MSG: [ssl:info] [pid 8926:tid 1823603600] SSL Library
Error: error:14076129:SSL routines:SSL23_GET_CLIENT_HELLO:only tls
allowed in fips mode - httpd[8926]
%USER-6-SYSTEM_MSG: [ssl:info] [pid 8926:tid 1823603600] [client
IP_ADDRESS:60782] AH01998: Connection closed to child 124 with abortive
shutdown (server IP_ADDRESS:443) - httpd[8926]
- Quick Links:
- Configure Ssh Via Cli
Hide quick links:
Advertisement
Table of Contents
