Unable to start IPSec service

S

Steve Diamond

I discovered today that the IPSEC service on my rather new computer
has been failing to start for several weeks, since a few days after I
first set up the computer.

The System event log shows this on each reboot and each attempt to
start the service manually:

================
Type: Error
Event ID: 7023
Description: The IPSEC Services service terminated with the following
error: The attempted operation is not supported for the type of object
referenced.
================

The Services console logs that error and throws this message when I
attempt a manual start:

================
Could not start the IPSEC Services service on Local Computer.
Error 10045: The attempted operation is not supported for the type of
object referenced.
================

Running Windows XP Media Center Edition with SP2 and all latest
critical updates applied. Running McAfee VirusScan and Personal
Firewall Plus.

This problem didn't come to my attention until I tried today to
configure a VPN connection of type L2TP IPSec, which obviously
requires the IPSec service to be operating. The connection is
configured okay, but when I try to connect I get:

================
Error 789: The L2TP connection attempt failed because the security
layer encountered a processing error during initial negotiations with
the remote computer.
================

I presume this is the symptom of the IPSec service not being in a
running state.

I can't find anything relevant in the MSFT KB or Technet.

I posted in microsoft.public.isa.vpn as well as here, but if there's
a more appropriate group, please let me know. Any help much
appreciated.

TIA.

Steve Diamond
 
R

Robert L [MS-MVP]

check if you have another software conflict with the IPSec. This link may help,

Error 10045, 4292, 7023 "Event ID: 7023 - The IPSEC Services service terminated with the following error: The system cannot find the file specified". ...
www.chicagotech.net/troubleshooting/error10045.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I discovered today that the IPSEC service on my rather new computer
has been failing to start for several weeks, since a few days after I
first set up the computer.

The System event log shows this on each reboot and each attempt to
start the service manually:

================
Type: Error
Event ID: 7023
Description: The IPSEC Services service terminated with the following
error: The attempted operation is not supported for the type of object
referenced.
================

The Services console logs that error and throws this message when I
attempt a manual start:

================
Could not start the IPSEC Services service on Local Computer.
Error 10045: The attempted operation is not supported for the type of
object referenced.
================

Running Windows XP Media Center Edition with SP2 and all latest
critical updates applied. Running McAfee VirusScan and Personal
Firewall Plus.

This problem didn't come to my attention until I tried today to
configure a VPN connection of type L2TP IPSec, which obviously
requires the IPSec service to be operating. The connection is
configured okay, but when I try to connect I get:

================
Error 789: The L2TP connection attempt failed because the security
layer encountered a processing error during initial negotiations with
the remote computer.
================

I presume this is the symptom of the IPSec service not being in a
running state.

I can't find anything relevant in the MSFT KB or Technet.

I posted in microsoft.public.isa.vpn as well as here, but if there's
a more appropriate group, please let me know. Any help much
appreciated.

TIA.

Steve Diamond
 
S

Steve Diamond

Thanks for the reply, Robert.

I followed the instructions at
http://www.howtonetworking.com/VPN/rebuildipsec.htm, which is linked
to from the page you mentioned. They refer to a registry key that did
not exist on my system:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\IPsec\Policy\Local

But I did find the following key, which sounds as if it probably has
the same meaning:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local

After exporting the node, I went ahead and deleted it, then ran the
command:
regsvr32 polstore.dll
as suggested. The dll registration completed successfully, and a look
at the registry shows that all the deleted subkeys under that node
have apparently been reconstructed.

However, I still get the same exact error when I reboot or try to
start the IPSec service manually.

Can anyone confirm that I did in fact delete the correct registry
node?

I also found some hints elsewhere that there might be conflicts with
some Norton or McAfee security components, so I stopped all the McAfee
services, and I still get the same error.

Thinking back on the timing of when this error appeared (a few days
after I first set up the computer) I think it probably coincides with
when SP2 was installed. So that would seem to imply that the procedure
for rebuilding the IPSec policies should have worked. Only it didn't.

Any other ideas for troubleshooting this? I have a rather urgent need
to get the VPN connection up and running.

I do have a spare XP Pro license, so I would consider upgrading from
Media Center Edition to XP Pro, if anyone thinks that might help. But
it would be nice to have a firm diagnosis.

Thanks.

Steve Diamond
 
S

Steve Diamond

I've now also tried disabling all McAfee components (using msconfig),
rebooting, running the "netsh int ip reset" command, and rebuilding
the IPSec security policies. Still no change in behavior.

Any reason why I should not upgrade the OS from Media Center to Pro?
Anything to watch out for when I do? Any other thoughts?

Thanks much.

Steve Diamond
 
G

Guest

I have the same problem.It started sometime after i bought my PC with WINDOWS
XP HOME 0S.The PC would not cold boot.And still does at times,and maybe i
should leave it on all the time.IPSEC error?I have yet to find the PLug in.I
thought it was pluged in?,,,Just kidding.I am not that smart yet about the
WINDOWS OS.I wrote in here about windows doesn't know when i manualy disable
internet connection by cable modem mianly by the lil tv icon.,even when i
didn't have an ISP,the same error messages would appear.Maybe your answered
questions will help me also,and microsoft to make a flawless OS.Hope this
helped.Thanks
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Can't start IPSec Services 6
IPSec service can't started 1
Ipsec vpn connectivity 3
L2TP IPSec error 789 & 792 0
Problem to start IPSec Service 6
IPSEC service will not start 1
Windows XP Windows - IPSEC SERVICE 0
Internet connection stops responding two 1

Top