Event ID: 4963IPsec dropped an inbound clear text packet that should have been secured
IPsec dropped an inbound clear text packet that should have been secured. If the remote computer is configured with a Request Outbound IPsec policy, this might be benign and expected. This can also be caused by the remote computer changing its IPsec policy without informing this computer. This could also be a spoofing attack attempt. Remote Network Address: %1 Inbound SA SPI: %2
Lookup Audit Policy Configuration Settings
C:\> AuditPol.exe /get /subcategory:"IPsec Driver"
LEFT/RIGHT arrow keys for navigationBack to List