WinSecWiki > Security Settings > Local Policies > Audit Policy > Audit Logon > IPsec Main
IPsec Main Mode
IPSec is an IP protocol that provides authentication, integrity and optionally encryption at the packet level. This subcategory records all IPSec main mode events. Why is this subcategory under Logon/Logoff? Your guess is as good as mine.
There are additional subcategories for quick mode and extended mode as well as the IPSec driver itself. You can only configure this category using auditpol.
Coverage on events generated by this category are currently in the Security Log Encyclopedia:
Back to top