EZD1792I

Explanation
 This message indicates that a phase 2 Security
Association (SA) was rekeyed because its associated phase 1 SA was
reauthenticated.  SAs use secret keys that should be used only for
a limited amount of time and to protect a limited amount of data.
 Rekeying is the reestablishment of SAs to take the place of ones
that expire.  When a phase 1 SA is reauthenticated, all of its associated
 phase 2 SAs are rekeyed. 
 Additional messages that have the
same message instance number are issued to identify the affected SA.
The message instance number precedes the message number in  the log
output and is used to group related messages from the Internet Key
Exchange (IKE) daemon.  
 In the message text:  version
The version of the IKE protocol for the SA that was rekeyed.
phase2_generation  
The number used to differentiate SAs for the same tunnel.  The
first SA that is created for a tunnel is number 1.
phase2_tunnel_id  
The  tunnel prefix and number used to identify a phase 2 tunnel.
 The tunnel prefix is Y.
phase1_generation
The number used to differentiate SAs for the same tunnel.  The
first SA that is created for a tunnel is number 1.
phase1_tunnel_id 
The tunnel prefix and number used to identify a phase 1 tunnel.
 The tunnel prefix is K.

System action
 IKE daemon processing continues.

Operator response
 None.

System programmer response
 None.

User response
 Not applicable.

Problem determination
 None.

Source
 z/OS® Communications
Server TCP/IP: Network Security Server

Module
 CommonIPsecSA.cpp

Routing code
 11

Descriptor code
 7

Automation
 This message is output to syslog.

Example
  EZD1792I IKE version 2.0 Security Association 2 for tunnel Y8 rekeyed due to reauthentication of security 
         association 2 for tunnel K3