Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
431
Views
4
Helpful
1
Replies

What do these errors mean on Cisco 837 router?

whiteford
Level 1
Level 1

‎02-28-2006 12:02 AM - edited ‎03-03-2019 11:53 AM

As radom times of the day I get these errors set to our syslog server for one of our Cisco 837 routers, what do they mean and are they a problem?

Error 1 -

2/27/2006 9:29 AM : CRYPTO-4-PKT_REPLAY_ERR 51: Feb 27 09:27:16.941 UTC: %CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed

Error 2 -

2/27/2006 9:16 AM : 50: connection id=13422064

Error 3 -

2/27/2006 9:13 AM : CRYPTO-4-RECVD_PKT_MAC_ERR 48: Feb 27 09:11:22.163 UTC: %CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=134220646

Error 4 -

2/27/2006 8:57 AM : FW-3-HTTP_JAVA_BLOCK 42: Feb 27 08:55:57.608 UTC: %FW-3-HTTP_JAVA_BLOCK: JAVA applet is blocked from (209.61.212.159:80) to (192.168.1.25:1278).

Labels:
0 Helpful
1 Reply 1

spremkumar
Level 9
Level 9

‎02-28-2006 12:17 AM

Hi

1.Do find the link which talks about resizing the window size due to which u are getting the first error.

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455ad4.html

Also find the details about the other logs as well as the recommended action..

2.%CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=[dec]

The MAC verify processing failed. This might be caused by the use of the wrong key by either party during the MAC calculations.

This activity could be considered a hostile event

Recommended Action: Contact the peer administrator

3.%FW-3-HTTP_JAVA_BLOCK: JAVA applet is blocked from ([IP_address]:[dec]) to ([IP_address]:[dec]).

A Java applet was seen in the HTTP channel, and the firewall configuration indicates that the applet from this Web site should be prohibited. The message indicates that the applet is being downloaded from one of the prohibited sites, and its entrance to the protected network is not allowed. The connection is reset, and the transmission of the detected applet is aborted immediately.

Recommended Action: This message is for informational purposes only, but it may indicate a security problem.

regds

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card