Event ID - PIX-4-402115

Message CodePIX-4-402115
SeverityWarning
DescriptionIPSEC: Received a packet from remote_IP to local_IP containing act_prot data instead of exp_prot data.
Explanation"This message is displayed when an IPSec packet is received that is missing the expected ESP header. The peer is sending packets that do not match the negotiated security policy. This may indicate an attack. This message is rate limited to no more than one message every five seconds. remote_IP—IP address of the remote endpoint of the tunnel local_IP—IP address of the local endpoint of the tunnel
act_prot—Received IPSec protocol
exp_prot—Expected IPSec protocol"
User ActionContact the peer administrator.
Reference Links

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh