When a Windows XP client is joined to a Windows Server 2003 domain and the authenticating DC has SP1 installed, you cannot connect to the internet or log on to the domain.
When you start the IPSEC service on the domain controller, you receive an error like:
The system cannot find the file specified.
The server's System event log contains:
Event Type: Error
Event Source: IPSEC
Event Category: None
Event ID: 4292
Date: MM/DD/YYYY
Time: HH:MM:SS
User: N/A
Computer: <COMPUTER NAME>
Description: The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic
that is not permitted by boot-time IPSec Policy exemptions.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: MM/DD/YYYY
Time: HH:MM:SS
User: N/A
Computer: <COMPUTER NAME>
Description: The IPSEC Services service terminated with the following error: The system cannot find the file specified.
This behavior will occur if there is a corrupted file in policy store, probably caused by an interruption when it was being written to disk.
To resolve this problem on the server:
1. Open a CMD.EXE window.
2. Type the following commands, pressing Enter after each line:
REG DELETE HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /F REG ADD HKLM\System\CurrentControlSet\Services\IPSEC /V Start /T REG_DWORD /F /D 1 regsvr32 -s polstore.dll3. Shutdown and restart your server.
NOTE: See Understanding IPSec Driver Startup Modes for more information about IPSEC Block mode.
