N3T_IPSec_Pkts_Denied_Mismatch

The number of packets being denied due to a mismatch with the filter's action may be high.

First identify which filters are causing the mismatch alert. This problem could indicate a policy mismatch between the peer and this TCP/IP stack. Another possibility is attempted suspicious activity. Enable logging for the associated filter rule and monitor the traffic using the UNIX(R) syslog.

This warning situation is based on the Packets Denied By Mismatch attribute.

Formula: Packets Denied By Mismatch > 0

By default, this situation is evaluated every 15 minutes and is not run at startup.