recently, our sbs 2k3 is failing to start the ipsec service on restart /
from the sbs technet blog :
DNS by default will randomly pick 2500 ports when the service starts up, a
port conflict will occur if the DNS server allocates a port that is
required by another service and that service will fail once it requests
that static UDP port. So far we have seen issues with AUTD, IPSEC, and
IAS but there may be other services that will have a conflict.
is the dns port conflict the only possible reason and editing :
* 1645-1646 - Used by IAS
* 1701-1701 - Used by L2TP
* 1812-1813 - Used by IAS
* 2883-2883 - Used by AUTD
* 4500-4500 - Used by IPSEC
an approved solution ?? i remember some time ago, ias was also failing on
found this reference : http://blogs.technet.com/sbs/archive...s-may-fail-to-
having this logged message :
If the IPSEC service fails to start, the server will be running in Block
mode and it will block all network connectivity to the server.
In the case of the IAS Service failing to start, you will see the
following event logged in the system event log:
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Time: 6:38:37 PM
Description: The Internet Authentication Service Service terminated
with the following error: Only one usage of each socket address (protocol/
network address/port) is normally permitted.
thank you in advance.
No trees were destroyed in the sending of this message, however, a
significant number of electrons were terribly inconvenienced