Event Id | 4982 |
Source | Microsoft-Windows-Security-Auditing |
Description | IPsec Main Mode and Extended Mode security associations were established. Local Endpoint: Principal Name: <Principal Name> Network Address:<Network Address> Keying Module Port: <Keying Module Port> Local Certificate: SHA Thumbprint: <SHA Thumbprint> Issuing CA:<Issuing CA> Root CA:<Root CA> Remote Endpoint: Principal Name: <Principal Name> Network Address: <Network Address> Keying Module Port: <Keying Module Port> Remote Certificate: SHA Thumbprint: <SHA Thumbprint> Issuing CA: <Issuing CA> Root CA: <Root CA> Cryptographic Information: Cipher Algorithm: <Cipher Algorithm> Integrity Algorithm: <Integrity Algorithm> Diffie-Hellman Group: <Diffie-Hellman Group> Security Association Information: Lifetime (minutes): <Lifetime> Quick Mode Limit: <Quick Mode Limit> Main Mode SA ID: <Main Mode SA ID> Additional Information: Keying Module Name: <Keying Module Name> Authentication Method: <Authentication Method> Role: <Role> Impersonation State:<Impersonation State> Main Mode Filter ID: <Main Mode Filter ID> Extended Mode Information: Local Principal Name: <Local Principal Name> Remote Principal Name: <Remote Principal Name> Authentication Method: <Authentication Method> Impersonation State:<Impersonation State> Quick Mode Filter ID: <Quick Mode Filter ID> |
Event Information | Cause : This event is logged when an IPSec main mode and extended mode security associations were established. |
Reference Links |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.