EventID.Net LogoEventID.Net

EvLog Event Analyzer

Monitor unlimited number of servers
Filter log events
Create email and web-based reports

EventID.Net Subscription

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 547 Source: Security

Source
Security
Level
Failure Audit
Description
IKE security association negotiation failed.
Mode: Key Exchange Mode (Main Mode)
Filter:
<Source IP Address>
<Source IP Address Mask>
<Destination IP Address>
<Destination IP Address Mask>
<Protocol>
<Source Port>
<Destination Port>
Failure Point: Me
Failure Reason: IKE SA deleted before establishment completed
English
Request a translation of the event description in plain English.
Comments
 
Maxim Kкishtafovitz
In my case, i got this event after one of the two reverse lookup zones in the DNS server failed to load. The problem was fixed by loading the missed zone.
EventID.Net
As per Microsoft: "This audit is the primary diagnostic tool for determining IKE negotiation failures. It describes which mode (Main or Quick), which filter, where the failure occurred (Me or Peer), and gives an explanation of the failure as well as likely reasons for this failure". See MSW2KDB for information about this event.
EventID.Net
See ME833976 for a hotfix applicable to Microsoft Windows XP.
EventID.Net
See ME257225 - Basic IPSec Troubleshooting in Windows 2000.
Private comment
Subscribers only. See an example of private comment
Links
ME257225, ME833976, Online Analysis of Security Event Log, MSW2KDB
Search
Google - Bing - Microsoft - Yahoo - EventID.Net Queue (1) - More links...
Feedback
Send comments or solutions - Notify me when updated
 
Printer friendly

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...