Re: IPSEC PolicyAgent Service failure on first boot of new server



Very interesting. Thanks for posting back as that information is good to
know. A reboot may save someone a lot of grief. --- Steve


"bbergero" <bbergero@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5882B097-6995-417C-8085-CA68A1D3A2E6@xxxxxxxxxxxxxxxx
Thanks for taking time to reply. I did browse various IPSEC
documentation,
including your linked article, and found nothing that answers my question.
We were dry-running a server replacement procedure for our customer, and
this
quirk is consistent. I verified that a new NIC or CPU does not cause this
(only replacing the entire server, and re-using the same disks). This
quirk
may be related to some kind of machine identity stored in BIOS.

Moral of the story: If replacing the server or motherboard (or whatever
board contains system BIOS). Don't be surprised if IPSEC driver fails on
first boot; just reboot again and everything will be okay. :)

"Steven L Umbach" wrote:

Off hand I don't know and if future reboots do not exhibit the problem
then
that is probably a quirk you will expect to see. If you have not seen it
the
link below it is the best I know of on troubleshooting ipsec for Windows
and
may help. --- Steve

http://www.microsoft.com/technet/security/topics/architectureanddesign/ipsec/ipsecch7.mspx

"bbergero" <bbergero@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EE4726E7-4E27-4A9A-80D6-10EADB9FC4C3@xxxxxxxxxxxxxxxx
Win2K Adv Svr SP2 Cluster Active/Passive
Virtual SQl Server 2K SP2

When one of the servers in the cluster is replaced (re-use same
drives),
on
the first boot, PolicyAgent events 319 and 321 (Oakley and Ipsec driver
failed to start). Services shows IPSEC PolicyAgent is stopped.
However,
everything is OK on next boot. Is this expected? Is there some
association
with hardware (CPU identity or NIC MAC address)? Or is this related to
something fixed in a later Service Pack?

Thanks





.



Relevant Pages

  • RE: Thunderbird Getting Started
    ... bounces@xxxxxxxxxxxxxxxx] On Behalf Of steve ... |> left there is a "remove account" button. ... | additional TB account for my MSN email address. ... | that TB cannot contact the MSN server. ...
    (Ubuntu)
  • RE: Exchange 2003 and timeout errors on XP machines
    ... lose of connectivity on the server but only error 26 on the clients and then ... I will reboot the server and see what ... After replacing 1 client computer's network cable, ... > Store.exe will take as much memory as possible to provide better service ...
    (microsoft.public.windows.server.sbs)
  • Re: How Many "Problems" Will Steve De Mena Discover After Installing 10.6.2 Update
    ... Steve de Mena wrote: ... Mac he starts screaming that its impossible for that to happen. ... that the Entourage database files were located on a directly connected ... It's not just a backup of the server store, ...
    (comp.sys.mac.advocacy)
  • Re: IIS7 - 67GB of Log Files
    ... Steve Schofield wrote: ... I guess I should have mentioned that this particular SBS 2008 server is my own office one and is *not* a big one. ... This was why I was concerned about the size of these files: was this indicative of some error condition or is IIS compromised in some way? ...
    (microsoft.public.inetserver.iis)
  • Re: Thunderbird Getting Started
    ... bounces@xxxxxxxxxxxxxxxx] On Behalf Of steve ... |> left there is a "remove account" button. ... | additional TB account for my MSN email address. ... | that TB cannot contact the MSN server. ...
    (Ubuntu)