IPSEC PolicyAgent Service failure on first boot of new server



Win2K Adv Svr SP2 Cluster Active/Passive
Virtual SQl Server 2K SP2

When one of the servers in the cluster is replaced (re-use same drives), on
the first boot, PolicyAgent events 319 and 321 (Oakley and Ipsec driver
failed to start). Services shows IPSEC PolicyAgent is stopped. However,
everything is OK on next boot. Is this expected? Is there some association
with hardware (CPU identity or NIC MAC address)? Or is this related to
something fixed in a later Service Pack?



Thanks for taking time to reply. I did browse various IPSEC documentation,
including your linked article, and found nothing that answers my question.
We were dry-running a server replacement procedure for our customer, and this
quirk is consistent. I verified that a new NIC or CPU does not cause this
(only replacing the entire server, and re-using the same disks). This quirk
may be related to some kind of machine identity stored in BIOS.

Moral of the story: If replacing the server or motherboard (or whatever
board contains system BIOS). Don't be surprised if IPSEC driver fails on
first boot; just reboot again and everything will be okay. :)

Steven L Umbach

Very interesting. Thanks for posting back as that information is good to
know. A reboot may save someone a lot of grief. --- Steve

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question