Windows Security Log Event ID 4652

Operating Systems Windows 2008 R2 and 7
Windows 2012 R2 and 8.1
Windows 2016 and 10
Windows Server 2019
Category
 • Subcategory
Logon/Logoff
 • IPsec Main Mode
Type Failure
Corresponding events
in Windows 2003
and before
 
Discussions on Event ID 4652
Ask a question about this event

4652: An IPsec Main Mode negotiation failed

On this page

Free Security Log Resources by Randy

Supercharger Free Edition


Supercharger's built-in Xpath filters leave the noise behind.

Free.

 

Examples of 4652

An IPsec Main Mode negotiation failed.

Local Endpoint:

   Principal Name:  %1
   Network Address: %9
   Keying Module Port: %10

Local Certificate:
   SHA Thumbprint: %2
   Issuing CA:  %3
   Root CA:  %4

Remote Endpoint:
   Principal Name:  %5
   Network Address: %11
   Keying Module Port: %12

Remote Certificate:
   SHA thumbprint:  %6
   Issuing CA:  %7
   Root CA:  %8

Additional Information:
   Keying Module Name: %13
   Authentication Method: %16
   Role:   %18
   Impersonation State: %19
   Main Mode Filter ID: %20

Failure Information:
   Failure Point:  %14
   Failure Reason:  %15
   State:   %17
   Initiator Cookie:  %21
   Responder Cookie: %22

Keep me up-to-date on the Windows Security Log.
Email*:
*We will NOT share this

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection



 

Additional Resources