Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

IPSec is blocking network traffic

Posted on 2010-08-30
2
Medium Priority
?
1,646 Views
Last Modified: 2012-05-10
I have a windows 2003 Enterprise Edition x32 that after restarting stops responding on the network.

It is a domain controller that is also running Exchange 2003 Standard and one Virtual server instance.

The exact error message is "The ipsec driver has entered a Block mode.  IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemption."

One of the suggestions is to stop the IPSec services.  However I have a SSL certificate installed.

In addition to the ipsec error message there are 3 others that appear during the restart process all relating to the KDC service.

To fix the problem I simply do another restart and the server starts responding again and the error message goes away.

What on earth could be causing this?  Any suggestions would be appriciated.
ipsec-error.jpg
kdc-error.jpg
service-hang1.jpg
service-hang2.jpg
0
Comment
Question by:Douglas-Brouhard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 2000 total points
ID: 33557788
From eventid.net extract

"As per Microsoft: "This problem occurs because the DNS Server service is listening on the UDP port that is required by another service. This problem occurs when the MaxUserPort registry entry is present. This registry entry is located in the following subkey in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\". See M956189 for default values for MaxUserPort. "

Read those entries, maybe they will help you

http://www.eventid.net/display.asp?eventid=4292&eventno=5676&source=IPSec&phase=1
http://www.eventid.net/display.asp?eventid=20&eventno=3396&source=KDC&phase=1
http://www.eventid.net/display.asp?eventid=7022&eventno=111&source=Service%20Control%20Manager&phase=1
http://www.eventid.net/display.asp?eventid=7023&eventno=345&source=Service%20Control%20Manager&phase=1
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 33558411
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question