WinSecWiki > Security Settings > Local Policies > Audit Policy > Audit Logon > IPsec Quick

IPsec Quick Mode

IPSec is an IP protocol that provides authentication, integrity and optionally encryption at the packet level. This subcategory records all IPSec quick mode events. Why is this subcategory under Logon/Logoff? Your guess is as good as mine.

There are additional subcategories for main mode and extended mode as well as the IPSec driver itself. You can only configure this category using auditpol.

Coverage on events generated by this category are currently in the Security Log Encyclopedia:

Event ID	Title
4654	An IPsec Quick Mode negotiation failed
4977	During Quick Mode negotiation, IPsec received an invalid negotiation packet.
5451	An IPsec Quick Mode security association was established.
5452	An IPsec Quick Mode security association ended.

Upcoming Webinars

Additional Resources

Audit Logon

•	Logon
•	Logoff
•	Account Lockout
•	IPsec Main
•	IPsec Quick
•	IPsec Extended
•	Special Logon
•	Other Logon/Logoff
•	NPS

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.