Audit IPsec Extended Mode
Audit IPsec Extended Mode allows you to audit events generated by Internet Key Exchange protocol (IKE) and Authenticated Internet Protocol (AuthIP) during Extended Mode negotiations.
Audit IPsec Extended Mode subcategory is out of scope of this document, because this subcategory is mainly used for IPsec Extended Mode troubleshooting.
| Computer Type | General Success | General Failure | Stronger Success | Stronger Failure | Comments |
|---|---|---|---|---|---|
| Domain Controller | IF | IF | IF | IF | IF - This subcategory is mainly used for IPsec Extended Mode troubleshooting, or for tracing or monitoring IPsec Extended Mode operations. |
| Member Server | IF | IF | IF | IF | IF - This subcategory is mainly used for IPsec Extended Mode troubleshooting, or for tracing or monitoring IPsec Extended Mode operations. |
| Workstation | IF | IF | IF | IF | IF - This subcategory is mainly used for IPsec Extended Mode troubleshooting, or for tracing or monitoring IPsec Extended Mode operations. |
4978(S): During Extended Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
4979(S): IPsec Main Mode and Extended Mode security associations were established.
4980(S): IPsec Main Mode and Extended Mode security associations were established.
4981(S): IPsec Main Mode and Extended Mode security associations were established.
4982(S): IPsec Main Mode and Extended Mode security associations were established.
4983(S): An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
4984(S): An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.