Windows: The IPSec driver has entered Block mode
Problem 1
The Internet Authentication Service (IAS) does not start, and an Error event that resembles the following is logged in the System event log
The Internet Authentication Service service terminated with the following error: Only one usage of each socket address (protocol/network address/port) is normally permitted.
Problem 2
Microsoft Exchange Server Always Up To Date (AUTD) notifications for ActiveSync fail, and Error events that resemble the following are logged in the Application event log:
IP-based AUTD failed to initialize because the processing of notifications could not be set up. Error code [0x80004005]. Verify that no other applications are currently bound to UDP port [2883], or try specifying a different port number
IP-based AUTD failed to initialize. Error code: [0x80004005].
Problem 3
The IPSEC Services service does not start, and Error events that resemble the following are logged in the
The IPSec driver has entered Block mode. IPSec will discard all incoming and outgoing TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer. For detailed troubleshooting information, review the events in the Security event log.
The IPSEC Services service terminated with the following error: Only one usage of each socket address (protocol/network address/port) is normally permitted.
RESOLUTION
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Right-click ReservedPorts, and then click Modify.
Type the range of ports that you want to reserve:
1645-1646 IAS
1701-1701 L2TP
1718-1719 H.323 Gatekeeper (ISA 2000 only)
1745-1745 ISA Server 2000 or ISA Server 2004
1812-1813 IAS
2883-2883 AUTD
3500-3619 ISA Server 2000 only
4500-4500 IPSEC
The Internet Authentication Service (IAS) does not start, and an Error event that resembles the following is logged in the System event log
The Internet Authentication Service service terminated with the following error: Only one usage of each socket address (protocol/network address/port) is normally permitted.
Problem 2
Microsoft Exchange Server Always Up To Date (AUTD) notifications for ActiveSync fail, and Error events that resemble the following are logged in the Application event log:
IP-based AUTD failed to initialize because the processing of notifications could not be set up. Error code [0x80004005]. Verify that no other applications are currently bound to UDP port [2883], or try specifying a different port number
IP-based AUTD failed to initialize. Error code: [0x80004005].
Problem 3
The IPSEC Services service does not start, and Error events that resemble the following are logged in the
The IPSec driver has entered Block mode. IPSec will discard all incoming and outgoing TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer. For detailed troubleshooting information, review the events in the Security event log.
The IPSEC Services service terminated with the following error: Only one usage of each socket address (protocol/network address/port) is normally permitted.
RESOLUTION
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Right-click ReservedPorts, and then click Modify.
Type the range of ports that you want to reserve:
1645-1646 IAS
1701-1701 L2TP
1718-1719 H.323 Gatekeeper (ISA 2000 only)
1745-1745 ISA Server 2000 or ISA Server 2004
1812-1813 IAS
2883-2883 AUTD
3500-3619 ISA Server 2000 only
4500-4500 IPSEC
Comments
Post a Comment