Messages 778001 to 785001
This section includes messages from 778001 to 785001.
778001
Error Message
%FTD-6-778001: VXLAN: Invalid VXLAN segment-id segment-id for protocol from ifc-name :(IP-address/port) to ifc-name :(IP-address/port).
Explanation The Secure Firewall Threat Defense device tries to create an inner connection for a VXLAN packet, but the VXLAN packet has an invalid segment ID.
Recommended Action None required.
778002
Error Message
%FTD-6-778002: VXLAN: There is no VNI interface for segment-id segment-id .
Explanation A decapsulated ingress VXLAN packet is discarded, because the segment ID in the VXLAN header does not match the segment ID of any VNI interface configured on the Secure Firewall Threat Defense device.
Recommended Action None required.
778003
Error Message
%FTD-6-778003: VXLAN: Invalid VXLAN segment-id segment-id for protocol from ifc-name :(IP-address/port) to ifc-name :(IP-address/port) in FP.
Explanation The Secure Firewall Threat Defense Fast Path sees a VXLAN packet with an invalid segment ID.
Recommended Action Check the VNI interface segment ID configurations to see if the dropped packet has the VXLAN segment ID that does not match any VNI segment ID configuration.
778004
Error Message %FTD-6-778004: VXLAN: Invalid VXLAN header for protocol from ifc-name :(IP-address/port) to ifc-name :(IP-address/port) in FP.
Explanation The Secure Firewall Threat Defense VTEP sees a VXLAN packet with an invalid VXLAN header.
Recommended Action None required.
778005
Error Message %FTD-6-778005: VXLAN: Packet with VXLAN segment-id segment-id from ifc-name is denied by FP L2 check.
Explanation A VXLAN packet is denied by a Fast Path L2 check.
Recommended Action Check the VNI interface segment ID configurations to see if the dropped packet has the VXLAN segment ID that does not match any VNI segment ID configuration. Check to see if the STS table has an entry that matches the dropped packet’s segment ID.
778006
Error Message %FTD-6-778006: VXLAN: Invalid VXLAN UDP checksum from ifc-name :(IP-address/port) to ifc-name :(IP-address/port) in FP.
Explanation The Secure Firewall Threat Defense VTEP received a VXLAN packet with an invalid UDP checksum value.
Recommended Action None required.
778007
Error Message %FTD-6-778007: VXLAN: Packet from ifc-name :IP-address/port to IP-address/port was discarded due to invalid NVE peer.
Explanation The Secure Firewall Threat Defense VTEP received a VXLAN packet from an IP address that is different from the configured NVE peer.
Recommended Action None required.
779001
Error Message %FTD-6-779001: STS: Out-tag lookup failed for in-tag segment-id of protocol from ifc-name :IP-address /port to IP-address /port .
Explanation The Secure Firewall Threat Defense device tries to create a connection for a VXLAN packet, but failed to use the STS lookup table to locate the out-tag for the in-tag (segment ID) in the VXLAN packet.
Recommended Action None required.
779002
Error Message %FTD-6-779002: STS: STS and NAT locate different egress interface for segment-id segment-id , protocol from ifc-name :IP-address /port to IP-address /port
Explanation The Secure Firewall Threat Defense device tries to create a connection for a VXLAN packet, but the STS lookup table and NAT policy locate a different egress interface.
Recommended Action None required.
779003
Error Message %FTD-3-779003: STS: Failed to read tag-switching table - reason
Explanation The Secure Firewall Threat Defense device tried to read the tag-switching table, but failed.
Recommended Action None required.
779004
Error Message
%FTD-3-779004: STS: Failed to write tag-switching table - reason
Explanation The Secure Firewall Threat Defense device tried to write to the tag-switching table, but failed.
Recommended Action None required.
779005
Error Message %FTD-3-779005: STS: Failed to parse tag-switching request from http - reason
Explanation The Secure Firewall Threat Defense device tried to parse the HTTP request to see what to do on the tag-switching table, but failed.
Recommended Action None required.
779006
Error Message %FTD-3-779006: STS: Failed to save tag-switching table to flash - reason
Explanation The Secure Firewall Threat Defense device tried to save the tag-switching table to flash memory, but failed.
Recommended Action None required.
779007
Error Message %FTD-3-779007: STS: Failed to replicate tag-switching table to peer - reason
Explanation The Secure Firewall Threat Defense device attempts to replicate the tag-switching table to the failover standby unit or clustering data units, but failed to do so.
Recommended Action None required.
780001
Error Message %FTD-6-780001: RULE ENGINE: Started compilation for access-group transaction - description of the transaction .
Explanation The rule engine has started compilation for an access group transaction. The description of the transaction is the command line input of the access group itself.
Recommended Action None required.
780002
Error Message %FTD-6-780002: RULE ENGINE: Finished compilation for access-group transaction - description of the transaction .
Explanation The rule engine has finished compilation for a transaction. Taking access group as an example, the description of the transaction is the command line input of the access group itself.
Recommended Action None required.
780003
Error Message %FTD-6-780003: RULE ENGINE: Started compilation for nat transaction - description of the transaction .
Explanation The rule engine has started compilation for a NAT transaction. The description of the transaction is the command line input of the nat command itself.
Recommended Action None required.
780004
Error Message %FTD-6-780004: RULE ENGINE: Finished compilation for nat transaction - description of the transaction .
Explanation The rule engine has finished compilation for a NAT transaction. The description of the transaction is the command line input of the nat command itself.
Recommended Action None required.
780005
Error Message %FTD-6-780005: RULE ENGINE: Started compilation for session transaction - description of the transaction .
Explanation The rule engine has started compilation for the session transaction. This message is generated only when transactional commit is enabled.
Recommended Action None required.
780006
Error Message %threat defense-6-780006: RULE ENGINE: Finished compilation for session transaction - description of the transaction .
Explanation The rule engine has completed compilation for the transaction. This message is generated only when transactional commit is enabled.
Recommended Action None required.
785001
Error Message %FTD-7-785001: Clustering: Ownership for existing flow from <in_interface>:<src_ip_addr>/<src_port> to <out_interface>:<dest_ip_addr>/<dest_port>
moved from unit <old-owner-unit-id> at site <old-site-id> to <new-owner-unit-id> at site <old-site-id> due to <reason>.
Explanation This syslog is generated when clustering moved the flow from one unit in one site to another unit in another site in inter-DC environment. Reason must be whatever triggered the move, such as LISP notification.
Recommended Action Verify the flow status in the new unit at new site.