Event ID: 4979

IPsec main mode and extended mode security associations were established

IPsec main mode and extended mode security associations were established.

Main Mode Local Endpoint:
    Principal Name:     %1
    Network Address:    %3
    Keying Module Port: %4

Main Mode Remote Endpoint:
    Principal Name: %2
    Network Address:    %5
    Keying Module Port: %6

Main Mode Cryptographic Information:
    Cipher Algorithm:   %8
    Integrity Algorithm:    %9
    Diffie-Hellman Group:   %10

Main Mode Security Association:
    Lifetime (minutes): %11
    Quick Mode Limit:   %12
    Main Mode SA ID:    %16

Main Mode Additional Information:
    Keying Module Name: AuthIP
    Authentication Method:  %7
    Role:           %13
    Impersonation State:    %14
    Main Mode Filter ID:    %15

Extended Mode Information:
    Local Principal Name:   %17
    Remote Principal Name:  %18
    Authentication Method:  %19
    Impersonation State:    %20
    Quick Mode Filter ID:   %21



Lookup Audit Policy Configuration Settings

C:\> AuditPol.exe /get /subcategory:"IPsec Extended Mode"
How to enable Windows Auditing



LEFT/RIGHT arrow keys for navigation

Back to List