Re: IPsec on Windows 2003

From: David Beder [MSFT] (dbeder_at_online.microsoft.com)
Date: 03/07/04


Date: Sun, 7 Mar 2004 00:39:22 -0800

This typically happens when a software package is added to the stack such
that it blocks communication between the ipsec service and its driver or its
configuration store. The error is telling you that in this state the system
has gone into a secure/lockdown mode to prevent any possible insecurities
created by not having your active ipsec policy functioning.

If you indeed have no ipsec policy assigned to the server (remember that VPN
using L2TP/IPSec would create a policy), then shutting down the service
should be fine, though you will probably be giving up the temporary ipsec
firewallish security invoked during boot-time.

-- 
David
Microsoft Windows Networking
This posting is provided "AS IS" with no warranties, and confers no rights.

"Maarten Wensveen" <maart206@hotmail.com> wrote in message
news:e40d5d60.0403030342.ef3fd1f@posting.google.com...
> Today I encountered on the third server that my IPsec gets crazy.
> I don't use it, but the service is started by default when you install 2003.
> So no policy is assigned, but when the server boots it gives the
> message as seen below. This is bad because TCP/IP is dead at that
> moment.
> When I disable the IPSec service and reboot the server it works
> again. But as a workaround to disable the service??!! I think
> that this is not the way. If it were just a workstation then maybe it
> won't bother me this much.
>
> Has anyone ever had this problem?
>
> Thanks
> Maarten Wensveen
> Reset BV.
> Holland
>
> Event Type: Error
> Event Source: IPSec
> Event Category: None
> Event ID: 4292
> Date:  2-3-2004
> Time:  16:03:18
> User:  N/A
> Computer: TERM-02
> Description:
> The IPSec driver has entered Block mode. IPSec will discard all
> inbound and outbound TCP/IP network traffic that is not permitted by
> boot-time IPSec Policy exemptions. User Action: To restore full
> unsecured TCP/IP connectivity, disable the IPSec services, and then
> restart the computer.  For detailed troubleshooting information,
> review the events in the Security event log. 
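
When the same symptom shows up on several servers, the Block mode event quoted above can be picked out of pasted or exported event text with a small parser. This is an added example, not part of the original thread: the sample text is constructed (the quoted record, abridged, plus a made-up second event) and the function names are hypothetical.

```python
import re

# Constructed sample: the quoted record (abridged, quote markers kept) and one
# made-up unrelated event in the same "Field: value" layout.
SAMPLE = """\
> Event Type: Error
> Event Source: IPSec
> Event ID: 4292
> Date:  2-3-2004
> Time:  16:03:18
> Computer: TERM-02
> Description:
> The IPSec driver has entered Block mode. IPSec will discard all
> inbound and outbound TCP/IP network traffic that is not permitted by
> boot-time IPSec Policy exemptions.

Event Type: Information
Event Source: ExampleSource
Event ID: 1000
Computer: TERM-02
Description:
Constructed unrelated event.
"""

FIELD = re.compile(r"^(Event Type|Event Source|Event Category|Event ID|"
                   r"Date|Time|User|Computer|Description):\s*(.*)$")

def parse_events(text):
    """Split event-viewer text into dicts; tolerates '> ' reply quoting."""
    events, cur, in_desc = [], None, False
    for raw in text.splitlines():
        line = re.sub(r"^(>\s?)+", "", raw).rstrip()
        m = FIELD.match(line)
        if m and m.group(1) == "Event Type":   # a new record starts here
            cur = {"Description": ""}
            events.append(cur)
        if cur is None:
            continue
        if m:
            in_desc = m.group(1) == "Description"
            cur[m.group(1)] = m.group(2)
        elif in_desc and line:                 # wrapped description text
            cur["Description"] = (cur["Description"] + " " + line).strip()
    return events

def block_mode_hosts(text):
    """Return (computer, date, time) for each IPSec event 4292 (Block mode)."""
    return [(e.get("Computer"), e.get("Date"), e.get("Time"))
            for e in parse_events(text)
            if e.get("Event Source") == "IPSec" and e.get("Event ID") == "4292"]
```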

