Re: IPSEC PolicyAgent Service failure on first boot of new server

Very interesting. Thanks for posting back as that information is good to
know. A reboot may save someone a lot of grief. --- Steve


"bbergero" <bbergero@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5882B097-6995-417C-8085-CA68A1D3A2E6@xxxxxxxxxxxxxxxx
Thanks for taking time to reply. I did browse various IPSEC
documentation,
including your linked article, and found nothing that answers my question.
We were dry-running a server replacement procedure for our customer, and
this
quirk is consistent. I verified that a new NIC or CPU does not cause this
(only replacing the entire server, and re-using the same disks). This
quirk
may be related to some kind of machine identity stored in BIOS.

Moral of the story: If replacing the server or motherboard (or whatever
board contains system BIOS). Don't be surprised if IPSEC driver fails on
first boot; just reboot again and everything will be okay. :)

"Steven L Umbach" wrote:

Off hand I don't know and if future reboots do not exhibit the problem
then
that is probably a quirk you will expect to see. If you have not seen it
the
link below it is the best I know of on troubleshooting ipsec for Windows
and
may help. --- Steve

http://www.microsoft.com/technet/security/topics/architectureanddesign/ipsec/ipsecch7.mspx

"bbergero" <bbergero@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EE4726E7-4E27-4A9A-80D6-10EADB9FC4C3@xxxxxxxxxxxxxxxx
Win2K Adv Svr SP2 Cluster Active/Passive
Virtual SQl Server 2K SP2

When one of the servers in the cluster is replaced (re-use same
drives),
on
the first boot, PolicyAgent events 319 and 321 (Oakley and Ipsec driver
failed to start). Services shows IPSEC PolicyAgent is stopped.
However,
everything is OK on next boot. Is this expected? Is there some
association
with hardware (CPU identity or NIC MAC address)? Or is this related to
something fixed in a later Service Pack?

Thanks





.

Relevant Pages

  • RE: Thunderbird Getting Started
    ... bounces@xxxxxxxxxxxxxxxx] On Behalf Of steve ... |> left there is a "remove account" button. ... | additional TB account for my MSN email address. ... | that TB cannot contact the MSN server. ...
    (Ubuntu)
  • RE: Exchange 2003 and timeout errors on XP machines
    ... lose of connectivity on the server but only error 26 on the clients and then ... I will reboot the server and see what ... After replacing 1 client computer's network cable, ... > Store.exe will take as much memory as possible to provide better service ...
    (microsoft.public.windows.server.sbs)
  • Re: Thunderbird Getting Started
    ... bounces@xxxxxxxxxxxxxxxx] On Behalf Of steve ... |> left there is a "remove account" button. ... | additional TB account for my MSN email address. ... | that TB cannot contact the MSN server. ...
    (Ubuntu)
  • Re: *** Manglement Notice - Buxton Registration now open ***
    ... cookies or no:( ... I had the same success rate as Steve Robinson even after telling IE to ... Depending on where the server that users need to access resides or how the Web site is hosted, I know that some of my clients who use AOL as their ISP often cannot log into their company network using a VPN connection or semi private company Web-sites hosted on servers within their company's less secure Internet facing DMZ. ...
    (uk.music.guitar)
  • Re: Mail messages wont leave queue
    ... Thanks for replying Steve! ... The messages aren't even posting to the BadMail ... email from your server. ... I am testing my smtp service on my windows server 2003 machine. ...
    (microsoft.public.inetserver.iis.smtp_nntp)