IPSec auditing
From: Michael Buchardt (jumihen@image.dk)
Date: 10/31/02
- Next message: J Self: "Password rejection - sort of"
- Previous message: Charlie Tame: "Re: Zone Alarm and "svrhost.exe""
- Next in thread: Daniel Angelucci: "Re: IPSec auditing"
- Reply: Daniel Angelucci: "Re: IPSec auditing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Michael Buchardt" <jumihen@image.dk> Date: Thu, 31 Oct 2002 14:03:04 +0100
Hi
I am trying to audit the IPSec communication between two clients in domain.
When I ping one the client the first time I get informed that it is
negotiating IPSec and the second time I ping the echo reply comes through.
Not problems there. If I startup isecmon.exe I can see that the traffic is
encrypted.
I have turned on auding on both client machines (Logon events + object
access - failure and success). But I doesn´t get any event ID 541 which
should state successful establishment of an IPSec Security Association (SA).
I have tryed all that I can think of - am I doing something wrong here?!
Kind Regards
Michael Buchardt
- Next message: J Self: "Password rejection - sort of"
- Previous message: Charlie Tame: "Re: Zone Alarm and "svrhost.exe""
- Next in thread: Daniel Angelucci: "Re: IPSec auditing"
- Reply: Daniel Angelucci: "Re: IPSec auditing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
