Event ID 2022 — Connection Security Rule Processing
Applies To: Windows Server 2008 R2
.jpg)
Windows Firewall with Advanced Security receives connection security rules from local security policy stored in the system registry, and from Group Policy delivered by Active Directory. After receiving a new or modified policy, Windows Firewall must process each rule in the applied policies to interpret what network traffic is to be protected by using Internet Protocol security (IPsec).
Event Details
| Product: | Windows Operating System |
| ID: | 2022 |
| Source: | Microsoft-Windows-Windows Firewall with Advanced Security |
| Version: | 6.1 |
| Symbolic Name: | WFPhase1CryptoSetDeleteEvent |
| Message: | A phase 1 crypto set was deleted from IPsec settings. Deleted Rule: %tRule ID:%t%1 %tRule Name:%t%2 %tModifying User:%t%3 %tModifying Application:%t%4 |
Resolve
This is a normal condition. No further action is required.