Windows Security Log Event ID 4980

Operating Systems	Windows 2008 R2 and 7 Windows 2012 R2 and 8.1 Windows 2016 and 10 Windows Server 2019 and 2022
Category • Subcategory	Logon/Logoff • IPsec Main Mode
Type	Success
Corresponding events in Windows 2003 and before

4980: IPsec Main Mode and Extended Mode security associations were established

On this page

Description of this event
Field level details
Examples
Mini-seminars on this event

I haven't been able to produce this event. Have you? If so, please start a discussion (see above) and post a sample along with any comments you may have! Don't forget to sanitize any private information.

Free Security Log Resources by Randy

Supercharger Free Edition

Supercharger's built-in Xpath filters leave the noise behind.

Free.

Examples of 4980

IPsec Main Mode and Extended Mode security associations were established.

Main Mode Local Endpoint:

Principal Name: %1
Network Address: %3
Keying Module Port: %4

Main Mode Remote Endpoint:

Principal Name: %2
Network Address: %5
Keying Module Port: %6

Main Mode Cryptographic Information:

Cipher Algorithm: %8
Integrity Algorithm: %9
Diffie-Hellman Group: %10

Main Mode Security Association:

Lifetime (minutes): %11
Quick Mode Limit: %12
Main Mode SA ID: %16

Main Mode Additional Information:

Keying Module Name: AuthIP
Authentication Method: %7
Role: %13
Impersonation State: %14
Main Mode Filter ID: %15

Extended Mode Local Endpoint:

Principal Name: %17
Certificate SHA Thumbprint: %18
Certificate Issuing CA: %19
Certificate Root CA: %20

Extended Mode Remote Endpoint:

Principal Name: %21
Certificate SHA Thumbprint: %22
Certificate Issuing CA: %23
Certificate Root CA: %24

Extended Mode Additional Information:

Authentication Method: SSL
Impersonation State: %25
Quick Mode Filter ID: %26

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection

Upcoming Webinars

Additional Resources

Encyclopedia

•	Event IDs
•	All Event IDs
•	Audit Policy

Go To Event ID:

Must be a 1-5 digit number No such event ID

Security Log
Quick Reference
Chart
Download now!

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.