Windows Security Log Event ID 4652

Operating Systems	Windows 2008 R2 and 7 Windows 2012 R2 and 8.1 Windows 2016 and 10 Windows Server 2019 and 2022
Category • Subcategory	Logon/Logoff • IPsec Main Mode
Type	Failure
Corresponding events in Windows 2003 and before

4652: An IPsec Main Mode negotiation failed

On this page

Description of this event
Field level details
Examples

Free Security Log Resources by Randy

Supercharger Free Edition

Your entire Windows Event Collection environment on a single pane of glass.

Free.

Examples of 4652

An IPsec Main Mode negotiation failed.

Local Endpoint:
   Principal Name: %1
   Network Address: %9
   Keying Module Port: %10
Local Certificate:
   SHA Thumbprint: %2
   Issuing CA: %3
   Root CA: %4
Remote Endpoint:
   Principal Name: %5
   Network Address: %11
   Keying Module Port: %12
Remote Certificate:
   SHA thumbprint: %6
   Issuing CA: %7
   Root CA: %8
Additional Information:
   Keying Module Name: %13
   Authentication Method: %16
   Role:   %18
   Impersonation State: %19
   Main Mode Filter ID: %20
Failure Information:
   Failure Point: %14
   Failure Reason: %15
   State:   %17
   Initiator Cookie: %21
   Responder Cookie: %22

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection

Upcoming Webinars

Additional Resources

Encyclopedia

•	Event IDs
•	All Event IDs
•	Audit Policy

Go To Event ID:

Must be a 1-5 digit number No such event ID

Security Log
Quick Reference
Chart
Download now!

User name:
Password:
	/ Forgot?
	Register

July 2024 Patch Tuesday	"Patch Tuesday - Four Zero Days " - sponsored by Supercharger for Windows Event Collection

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.