EZD1550I

Explanation
 This message is received in response to an ipsec
-F command.  The Defense Manager daemon (DMD) detected an
error and reported it to the ipsec command processor.
 In
the message text: error_description
A description of the error that the DMD reported.  Possible values
are: error_description value
Explanation
 duplicate filter name

This error description is received in response
to an ipsec -F add command that specifies a filter
name with the -N option that conflicts with an unexpired defensive
filter name.
 filter is not found

This error description is received in response
to an ipsec -F update command when the filter to
be updated is not found. 
 stack is not configured for IPSECURITY

This error description is received in response
to an ipsec -F add command directed to a specific
stack when the stack is not configured for IP Security.
 stack is not configured for IPv6 IPSECURITY

This error description is received in response
to an ipsec -F add command for an IPv6 filter that
is directed to a specific stack and the stack is not configured for
IPv6 Security.
 stack is not configured 

This error description is received in response
to an ipsec -F add command directed to a specific
stack when the stack is not  configured with a DmStackConfig statement
in the DMD configuration file.
 stack mode is INACTIVE

This error description is received in response
to an ipsec -F add command directed to a specific
stack when the stack is configured as Inactive on the DmStackConfig
statement in the DMD configuration file.
 user ID is not authorized

This error description is received in response
to an ipsec -F command when the user ID is not
authorized to the EZB.IPSECCMD profiles through the security access
facility.
 too many connections

This error description is received in response
to an  ipsec -F command when the ipsec command
is unable to process the request because it is has reached its limit
of concurrent ipsec command connections.  
 log no is not allowed for a filter with
mode simulate

This error description is received in response
to an ipsec -F update log no command for an existing
defensive filter with a mode of simulate.  Logging cannot be turned
off for a filter with a mode of simulate.
 bad data 
 IOCTL failure 
 connection
ID is not valid 
 internal error is reported by the Defense
Manager daemon 
 memory allocation error 
 cannot retrieve
user ID credentials 
 client is already connected

These error descriptions are received in response
to an ipsec -F command when an internal error has
occurred.

System action
 The z/OS® UNIX ipsec command
processing ends.

Operator response
 The operator response is based on the error_description value
as shown in the following table.
 error_description value
Operator response
 duplicate filter name

Reissue the ipsec -F add command
with a unique defensive filter name.  See the information about defensive filter names in z/OS Communications Server: IP Configuration
Guide for more information.

 filter is not found

If the filter name specified on the ipsec command
was incorrect, reissue the ipsec command, specifying
the correct filter name.  Issue the ipsec -F display command
to display the defensive filters installed in the stack.  See the
information about managing network security  in z/OS Communications Server: IP System Administrator's
Commands or issue the man ipsec command
 in a z/OS UNIX shell to obtain information about the ipsec command
syntax and options.

 stack is not configured for IPSECURITY

Contact the system programmer.
 stack is not configured for IPv6 IPSECURITY

Contact the system programmer.
 stack is not configured 

Contact the system programmer.
 stack mode is INACTIVE

Contact the system programmer.
 user ID is not authorized

Contact the system programmer.
 too many connections

Reissue the ipsec command.
 If the command continues to fail, contact the system programmer. 
 log no is not allowed for a filter with
mode simulate

None.
 bad data 
 IOCTL failure 
 connection
ID is not valid 
 internal error is reported by the Defense
Manager daemon 
 memory allocation error 
 cannot retrieve
user ID credentials 
 client is already connected

Reissue the ipsec command.
 If the command continues to fail, contact the system programmer. 

System programmer response
 The system programmer response is
based on the error_description value as shown in
the following table.
 error_description value
System programmer response
 duplicate filter name

None.
 filter is not found

None. 
 stack is not configured for IPSECURITY

If you want to allow defensive filters to be
installed for the TCP/IP stack, enable IP security.   See the information
about enabling the IP security function in z/OS Communications Server: IP Configuration
Guide.

 stack is not configured for IPv6 IPSECURITY

If you want to allow IPv6 defensive filters
to be installed for the TCP/IP stack, enable IP security for IPv6.
  See the information about enabling the
IP security function in z/OS Communications Server: IP Configuration
Guide.

 stack is not configured 

If you want to allow defensive filters to be
installed for the TCP/IP stack, configure a DmStackConfig statement
for the stack in the DMD configuration file.  The Mode keyword must
be set to Active or Simulate to enable defensive filtering.   See
the information about the Defense Manager daemon
(DMD) in z/OS Communications Server: IP Configuration
Reference for information about the DMD configuration
file.

 stack mode is INACTIVE

If you want to allow defensive filters to be
installed for the TCP/IP stack, the defensive filtering mode for the
stack must be Active or  Simulate.  If the DmStackConfig statement
for this stack in the DMD configuration file has Mode Inactive specified,
update the mode to Active or Simulate.  Issue the MODIFY REFRESH command
to begin using the new value.  If the mode is already Active or
Simulate, a MODIFY FORCE_INACTIVE command might have been issued,
forcing defensive filtering to Inactive.  Issue a MODIFY procname,REFRESH,FILE=file command
to enable defensive filtering.
 See the information about the Defense Manager daemon (DMD) in z/OS Communications Server: IP Configuration
Reference for information about the DMD configuration
file.

 user ID is not authorized

Create the required SERVAUTH profiles to authorize
the user ID that is issuing the ipsec command.
 If the SERVAUTH profiles exist, give the user ID that is issuing
the ipsec command permission to access the profiles.
 See the information about ipsec command
security in z/OS Communications Server: IP System Administrator's
Commands for more information about  the required
SERVAUTH profiles.

 too many connections

This error might be received as the result of
automation that is attempting to add, update, or delete a large number
of defensive filters simultaneously.  Update the automation to issue
the ipsec commands sequentially.  If automation
is not being used, this error might be the result of an internal error.
 For an internal error, contact IBM® software
support services.  Provide a dump of the DMD.  If available, provide
CTRACE information for component SYSTCPDM.
 log no is not allowed for a filter with
mode simulate

None.
 bad data 
 IOCTL failure 
 connection
ID is not valid 
 internal error is reported by the Defense
Manager daemon 
 memory allocation error 
 cannot retrieve
user ID credentials 
 client is already connected

Contact IBM software
support services. Provide a dump of the DMD.  If available, provide
CTRACE information for component SYSTCPDM.  

User response
 Not applicable.

Problem determination
 None.

Source
 z/OS Communications
Server z/OS UNIX ipsec command

Module
 Not applicable.

Routing code
 10

Descriptor code
 12

Automation
 Not applicable.

Example
  EZD1550I Defense Manager daemon reported an error - duplicate filter name