Servers had been restarted and Windows Security updates applied. Exchange server appears to be up but not responding on the network. No RDP, No Ping, no email, etc. Found IPSEC service not started and error message in logs.
Event Type: Error
Event Source: IPSec
Event Category: None
Event ID: 4292
Description: The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer. For detailed troubleshooting information, review the events in the Security event log.
Found this could be caused by Security Update when DNS service randomly picks a port that a service uses. In this case it was IPSEC.
Added the following Reserved ports in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts
1645-1646 - Used by IAS
1701-1701 - Used by L2TP
1812-1813 - Used by IAS
2883-2883 - Used by AUTD
4500-4500 - Used by IPSEC
Restarted and access back. Restarted BES server and sent test...
This is from the Official SBS blog...click here to see this blog
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment