IPSEC Driver has entered Block Mode

Basically the issue was a NIC that could receive traffic but not send. Looking at the event viewer I saw the message “IPSec driver has entered Block mode”. I got around this issue by modifying the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts

Update the ReservedPorts key: do not replace the values currently there, simply add the values below to them. You can copy and paste the list below into the registry entry.

  • 1433-1434
  • 1745-1745
  • 1080-1080
  • 1720-1720
  • 3343-3343
  • 1645-1646
  • 1701-1701
  • 1812-1813
  • 2883-2883
  • 4500-4500

You will get a warning message but just click OK.

At this point Microsoft tells you to remove the old IPSec policy (which didn’t exist on my server in the place they mentioned), so I just did the following:

  1. Rebuild a new local policy store. To do this, click Start, click Run, type regsvr32 polstore.dll in the Open box, and then click OK.
  2. Verify that the IPSEC Services component is set to automatic (under services.msc), and then restart the host.
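The same fix, scripted so the existing ReservedPorts entries are kept rather than overwritten. This is an added example, not the post author's or Microsoft's code. It assumes ReservedPorts is a REG_MULTI_SZ value, that the IPSEC Services service is registered under the name PolicyAgent, and it runs regsvr32 with /s so the confirmation dialog from step 1 does not appear; run it from an elevated PowerShell prompt and reboot afterwards.

```powershell
# Added example (not from the original post): merge the post's port ranges
# into the existing ReservedPorts value without discarding what is already
# there, then re-register the IPsec policy store and make sure the service
# starts automatically. Run elevated; reboot the host when it finishes.
# Assumptions (not stated on the page): ReservedPorts is REG_MULTI_SZ and the
# IPSEC Services service name is 'PolicyAgent'.

$regPath          = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$valueName        = 'ReservedPorts'
$ipsecServiceName = 'PolicyAgent'   # assumption, see above

# The ranges listed in the post.
$rangesToAdd = @(
    '1433-1434', '1745-1745', '1080-1080', '1720-1720', '3343-3343',
    '1645-1646', '1701-1701', '1812-1813', '2883-2883', '4500-4500'
)

# Accept only entries of the form 'low-high' inside the valid port range.
function Test-PortRange {
    param([string]$Range)
    if ($Range -notmatch '^(\d{1,5})-(\d{1,5})$') { return $false }
    $low  = [int]$Matches[1]
    $high = [int]$Matches[2]
    return ($low -ge 1 -and $high -le 65535 -and $low -le $high)
}

# Read the current value; it may be absent on a clean install.
$existing = @()
$prop = Get-ItemProperty -Path $regPath -Name $valueName -ErrorAction SilentlyContinue
if ($null -ne $prop) {
    $existing = @($prop.$valueName) | Where-Object { $_ -and $_.Trim() -ne '' }
}

# Keep a copy of the original entries so the change can be reverted.
$backup = Join-Path $env:TEMP 'ReservedPorts.backup.txt'
$existing | Set-Content -Path $backup
Write-Host "Backed up current ReservedPorts entries to $backup"

# Merge: existing entries first, then the new ones, skipping duplicates and
# anything that does not look like a port range.
$merged = @()
foreach ($r in @($existing) + $rangesToAdd) {
    if (-not (Test-PortRange $r)) { Write-Warning "Skipping malformed entry '$r'"; continue }
    if ($merged -notcontains $r) { $merged += $r }
}

Write-Host "Before: $($existing -join ', ')"
Write-Host "After : $($merged -join ', ')"

# Write the merged list back as a multi-string (creates the value if missing).
Set-ItemProperty -Path $regPath -Name $valueName -Value ([string[]]$merged) -Type MultiString

# Step 1 of the post: rebuild the local IPsec policy store.
Start-Process -FilePath 'regsvr32.exe' -ArgumentList '/s', 'polstore.dll' -Wait

# Step 2 of the post: IPSEC Services must start automatically.
$svc = Get-Service -Name $ipsecServiceName -ErrorAction SilentlyContinue
if ($null -ne $svc) {
    Set-Service -Name $ipsecServiceName -StartupType Automatic
    Write-Host "$($svc.DisplayName) set to Automatic; restart the host to apply."
} else {
    Write-Warning "Service '$ipsecServiceName' not found; check the name under services.msc."
}
```

The merge step is the point of the script: it reads the multi-string back, de-duplicates, validates each entry, and only then writes, so a typo in the pasted list or a double entry cannot silently clobber ranges another application already reserved. Compare the "Before" and "After" lines before rebooting.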

Most of this info can be found here: http://support.microsoft.com/kb/912023