Windows Security Log Event ID 4983

Operating Systems Windows 2008 R2 and 7
Windows 2012 R2 and 8.1
Windows 2016 and 10
Windows Server 2019
Category
 • Subcategory
Logon/Logoff
 • IPsec Main Mode
Type Success
Corresponding events
in Windows 2003
and before
 
Discussions on Event ID 4983
Ask a question about this event

4983: An IPsec Extended Mode negotiation failed

On this page

I haven't been able to produce this event. Have you? If so, please start a discussion (see above) and post a sample along with any comments you may have! Don't forget to sanitize any private information.

Free Security Log Resources by Randy

Supercharger Free Edition


Supercharger's built-in Xpath filters leave the noise behind.

Free.

 

Examples of 4983

An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.

Local Endpoint:

Principal Name:  %1
Network Address: %9
Keying Module Port: %10

Local Certificate:

SHA Thumbprint: %2
Issuing CA:  %3
Root CA:  %4

Remote Endpoint:

Principal Name:  %5
Network Address: %11
Keying Module Port: %12

Remote Certificate:

SHA Thumbprint: %6
Issuing CA:  %7
Root CA:  %8

Additional Information:

Keying Module Name: AuthIP
Authentication Method: SSL
Role:   %16
Impersonation State: %17
Quick Mode Filter ID: %18

Failure Information:

Failure Point:  %13
Failure Reason:  %14
State:   %15

Keep me up-to-date on the Windows Security Log.
Email*:
*We will NOT share this

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection



 

Additional Resources