Message: <Operation type> has been successfully completed.
Message Type: LOG
Severity: INFO
Probable Cause: Indicates that the secret database has been updated using the fcsp auth-secret or no fcsp auth-secret command. The values for Operation type can be "set" or "remove".
Recommended Action: No action is required.
Message:<Operation type> has failed.
Message Type: LOG
Severity: ERROR
Probable Cause: Indicates that the specified action to update the secret database using the fcsp auth-secret or no fcsp auth-secret command has failed. The values for Operation type can be "set" or "remove".
Recommended Action: Execute the fcsp auth-secret or no fcsp auth-secret command again. Execute the copy support command and contact your switch service provider.
Message: <data type> type has been successfully set to <setting value>.
Message Type: LOG
Severity:INFO
Probable Cause: Indicates that an authentication configuration parameter was set to a specified value. The data type can be either authentication type, DH group type, or policy type.
Recommended Action: No action is required.
Message: Failed to set <data type> type to <setting value>.
Message Type: LOG
Severity: ERROR
Probable Cause: Indicates that the fcsp auth command has failed to set the authentication configuration value. The data type can be either authentication type, DH group type, hash type, or policy type.
Recommended Action: Execute the fcsp auth command. Execute the copy support command and contact your switch service provider.
Message: Failed to open authentication configuration file.
Message Type: LOG
Severity:WARNING
Probable Cause: Indicates an internal problem with the security policy.
Recommended Action: Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: The proposed authentication protocol(s) are not supported: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the proposed authentication protocol types are not supported by the local port.
Recommended Action:Execute the fcsp auth command to make sure the local switch supports the following protocols: Fibre Channel Authentication Protocol (FCAP) or Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP).
Message: Failed to initialize security policy: switch <switch number>, error <error code>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates an internal problem with the security policy.
Recommended Action:Reload or power cycle the switch. If the message persists, execute the copy support command and contact your switch service provider.
Message: Authentication <code> is rejected: port <port number> explain <explain code> reason <reason code>.
Message Type: LOG
Severity:WARNING
Probable Cause: Indicates that the specified authentication is rejected because the remote entity does not support authentication.
Recommended Action:Make sure the entity at the other end of the link supports authentication.
Message: Cannot perform authentication request message: port <port number>, message code <message code>.
Message Type: LOG
Severity:WARNING
Probable Cause: Indicates that the system is running low on resources when receiving an authentication request. Usually this problem is transient. The authentication may fail.
Recommended Action: Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Invalid port value to <operation>: port <port number>.
Message Type:LOG | FFDC
Severity:ERROR
Probable Cause: Indicates an internal problem with the security policy.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Invalid value to start authentication request: port <port number>, operation code<operation code>.
Message Type: LOG
Severity: ERROR
Probable Cause: Indicates an internal problem with the security policy.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Invalid value to check protocol type: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates an internal problem with the security policy.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to create timer for authentication: port <port number>.
Message Type: LOG
Severity:INFO
Probable Cause: Indicates that an authentication message timer was not created. Usually this problem is transient. The authentication may fail.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to extract <data type> from <message> payload: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the authentication process failed to extract a particular value from the receiving payload. Usually this problem is transient. The authentication may fail.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to get <data type> during <authentication phase>: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the authentication process failed to get expected information during the specified authentication phase. Usually this problem is transient. The authentication may fail.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to <Device information> during negotiation phase: port <port number>.
Message Type: LOG
Severity:WARNING
Probable Cause: Indicates that the authentication failed to get device or host bus adapter (HBA) information due to an internal failure. Usually this problem is transient. The authentication may fail.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to select <authentication value> during <authentication phase>: value <value> port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the authentication process failed to select an authentication value (for example, DH group, hash value, or protocol type) from a receiving payload during the specified authentication phase. This error occurred because the local switch does not support the specified authentication value.
Recommended Action:Check the authentication configuration and reset the supported value if needed using the fcsp auth command. Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to allocate <data type> for <operation phase>: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the authentication process failed because the system is low on memory. Usually this problem is transient. The authentication may fail. The data type is a payload or structure that failed to get memory. The operation phase specifies which operation of a particular authentication phase failed.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands. If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to get <data type> for <message phase> message: port <port number>, retval <error code>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the authentication process failed to get a particular authentication value at certain phase. Usually this problem is transient. The authentication may fail.
The data type is a payload or structure that failed to get memory.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Invalid message code for <message phase> message: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the receiving payload does not have a valid message code during the specified authentication phase. Usually this problem is transient. The authentication may fail.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to retrieve secret value: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the secret value was not set properly for the authenticated entity.
Recommended Action:Reset the secret value using the fcsp auth-secret command.
Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
Message: Failed to generate <data type> for <message payload> payload: length <data length>, error code <error code>, port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the authentication process failed to generate specific data (for example, challenge, nonce, or response data) for an authentication payload. This usually relates to an internal failure. A nonce is a single-use, usually random value used in authentication protocols to prevent replay attacks. Usually this problem is transient. The authentication may fail.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Disable port <port number> due to unauthorized switch <switch WWN value>.
Message Type: LOG
Severity: ERROR
Probable Cause: Indicates that an entity, which was not configured in the switch connection control (SCC) policy tried to connect to the port.
Recommended Action:Add the entity World Wide Name (WWN) to the SCC policy using the secpolicy defined-policy command, then reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
Message: Failed to validate name <entity name> in <authentication message>: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the entity name in the payload is not in the correct format.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Invalid <data type> length in <message phase> message: length <data length>, port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that a particular data field in the authentication message has an invalid length field. This error usually relates to an internal failure.
Usually this problem is transient. The authentication may fail.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis disable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Invalid state <state value> for <authentication phase>: port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the switch received an unexpected authentication message. Usually this problem is transient. The authentication may fail.
Recommended Action:Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis disable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Failed to <operation type> response for <authentication message>: init_len <data length>, resp_len <data length>, port <port number>.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that a Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP) authentication operation failed on the specified port due to mismatched response values between two entities. The error may indicate that an invalid entity tried to connect to the switch.
Recommended Action:Check the connection port for a possible security attack.
Reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis disable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Neighboring switch has conflicting authentication policy: Port <Port Number> disabled.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the neighboring switch has a conflicting authentication policy enabled. The E_Port has been disabled because the neighboring switch has rejected the authentication negotiation and the local switch has a strict switch authentication policy.
Recommended Action:Correct the switch policy configuration on either of the switches using the fcsp auth command, and then enable the port using the no shutdown command.
Message: Reject authentication on port <Port Number>, because switch authentication policy is set to OFF.
Message Type: LOG
Severity:INFO
Probable Cause: Indicates that the local switch has rejected the authentication because the switch policy is turned off. If the neighboring switch has a strict (ON) switch policy, the port will be disabled due to conflicting configuration settings. Otherwise, the E_Port will form without authentication.
Recommended Action:If the port is disabled, correct the switch policy configuration on either of the switches using the fcsp auth command, and then enable the port on neighboring switch using the no shutdown command. If the E_Port has formed, no action is required.
Message: Port <port number> has been disabled, because an authentication-reject was received with code '<Reason String>' and explanation '<Explanation String>'.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the specified port has been disabled because it received an authentication-reject response from the connected switch or device. The error may indicate that an invalid entity tried to connect to the switch.
Recommended Action:Check the connection port for a possible security attack.
Check the shared secrets using the show fcsp auth-secret dh-chap command and reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis disable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Port <port number> has been disabled, because authentication failed with code '<Reason String>' and explanation '<Explanation String>'.
Message Type: LOG
Severity:ERROR
Probable Cause: Indicates that the specified port has been disabled because the connecting switch or device failed to authenticate. The error may indicate that an invalid entity attempted to connect to the switch.
Recommended Action:Check the connection port for a possible security attack.
Check the shared secrets using the show fcsp auth-secret dh-chap command and reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis disable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Authentication <Reason for disabling the port>. Disabling the port <port number>.
Message Type: LOG | FFDC
Severity:ERROR
Probable Cause: Indicates that the authentication has timed out after multiple retries and as a result, the specified port has been disabled. This problem may be transient due to the system CPU load. In addition, a defective small form-factor pluggable (SFP) or faulty cable may have caused the failure.
Recommended Action:Check the SFP and the cable. Then try to enable the port using the no shutdown command.
Message: Event: <Event Name>, Status: success, Info: <Data type> type has been changed from [<Old value>] to [<New value>].
Message Type: AUDIT
Class:SECURITY
Severity:INFO
Probable Cause: Indicates that a authentication configuration parameter was set to a specified value. The data type can be either authentication type, DH group type, hash type, or policy type.
Recommended Action:No action is required.
Message: Event: <Event Name>, Status: success, Info: <Event Related Info>.
Message Type: AUDIT
Class:SECURITY
Severity:INFO
Probable Cause: Indicates that the secret database has been updated using the fcsp auth-secret command.
Recommended Action:No action is required.
Message: Event: <Event Name>, Status: failed, Info: Neighboring switch has a conflicting authentication policy; Port <Port Number> disabled.
Message Type: AUDIT
Class:SECURITY
Severity:INFO
Probable Cause: Indicates that the specified E_Port was disabled because the neighboring switch rejected the authentication negotiation and the local switch has a strict switch authentication policy.
Recommended Action:Correct the switch policy configuration on either of the switches using the fcsp auth command, and then enable the port using no shutdown command.
Message: Event: <Event Name>, Status: failed, Info: Rejecting authentication request on port <Port Number> because switch policy is turned OFF.
Message Type: AUDIT
Class:SECURITY
Severity:INFO
Probable Cause: Indicates that the local switch has rejected the authentication request because the switch policy is turned off. If the neighboring switch has a strict (ON) switch policy, the port will be disabled due to conflicting configuration settings. Otherwise, the E_Port will form without authentication.
Recommended Action:If the specified port is disabled, correct the switch policy configuration on either of the switches using the fcsp auth command, and then enable the port on the neighboring switch using no shutdown command.
If the E_Port formed, no action is required.
Message: Event: <Event Name>, Status: failed, Info: Authentication failed on port <port number> due to mismatch of DH-CHAP shared secrets.
Message Type: AUDIT
Class:SECURITY
Severity:INFO
Probable Cause: Indicates that a Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP) authentication operation failed on the specified port due to mismatched response values between two entities. The error may indicate that an invalid entity tried to connect to the switch.
Recommended Action:Check the connection port for a possible security attack.
Check the shared secrets using the show fcsp auth-secret dh-chap command and reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Event: <Event Name>, Status: failed, Info: Port <port number> disabled, because an authentication-reject was received with code '<Reason String>' and Explanation '<Explanation String>'.
Message Type: AUDIT
Class:SECURITY
Severity:INFO
Probable Cause: Indicates that the specified port was disabled because it received an authentication-reject response from the connected switch or device. The error may indicate that an invalid entity tried to connect to the switch.
Recommended Action:Check the connection port for a possible security attack.
Check the shared secrets using show fcsp auth-secret dh-chap and reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
If the message persists, execute the copy support command and contact your switch service provider.
Message: Event: <Event Name>, Status: failed, Info: Port <port number> has been disabled due to authentication failure with code '<Reason String>' and explanation '<Explanation String>'.
Message Type: AUDIT
Class:SECURITY
Severity:INFO
Probable Cause: Indicates that the specified port has been disabled because the connecting switch or device failed to authenticate. The error may indicate that an invalid entity tried to connect to the switch.
Recommended Action:Check the connection port for a possible security attack.
Check the shared secrets using show fcsp auth-secret dh-chap and reinitialize authentication using the shutdown and no shutdown commands or the chassis disable and chassis enable commands.
If the message persists, execute the copy support command and contact your switch service provider.