Tuesday, December 1, 2009

Fixing the DNS poisoning patch (MS08-037) on SBS 2003

I found a server that had no ability to interact on the network after a reboot. The IPSec service was stopped and would not start (error 10048). After troubleshooting, I found this - which someone else referred to as the DNS poisoning patch. Making the registry changes solved the issue:

http://blogs.technet.com/sbs/archive/2008/07/17/some-services-may-fail-to-start-or-may-not-work-properly-after-installing-ms08-037-951746-and-951748.aspx

Add these items to:
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts

1433-1434
1745-1745
1080-1080
1720-1720
3343-3343
1645-1646
1701-1701
1812-1813
2883-2883
4500-4500

Of note, on another server, without making any changes, I saw this superset list of ports in that registry key:
1433-1434
1801-1801
1745-1745
1080-1080
1720-1720
3343-3343
1434-1434
1645-1646
1701-1701
1755-1755
1812-1813
1900-1900
2460-2460
2535-2535
2701-2704
2883-2883
3527-3527
4011-4011
4500-4500
5004-5005
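
To check a server before editing the key, the script below (an added example, not part of the original post or the linked TechNet article) reports which ranges from the first list are not yet covered and builds the merged value. It goes slightly beyond the post by treating a range as covered when an existing entry contains it. It assumes ReservedPorts is a REG_MULTI_SZ value under the Parameters key; the function names and the sample `$current` value are made up for illustration.

```powershell
# Ranges from the post's "Add these items" list.
$Required = '1433-1434','1745-1745','1080-1080','1720-1720','3343-3343',
            '1645-1646','1701-1701','1812-1813','2883-2883','4500-4500'

# Parse "low-high" into an object; reject malformed or out-of-range entries.
function ConvertTo-PortRange([string]$Text) {
    if ($Text -notmatch '^\s*(\d{1,5})-(\d{1,5})\s*$') { throw "Bad range: '$Text'" }
    $lo = [int]$Matches[1]; $hi = [int]$Matches[2]
    if ($lo -lt 1 -or $hi -gt 65535 -or $lo -gt $hi) { throw "Bad range: '$Text'" }
    New-Object PSObject -Property @{ Low = $lo; High = $hi; Text = "$lo-$hi" }
}

# Return the wanted ranges that no existing entry fully contains.
# An entry such as 1434-1434 counts as covered when 1433-1434 is present.
function Get-MissingRange([string[]]$Current, [string[]]$Wanted) {
    $have = @($Current | Where-Object { $_ -and $_.Trim() } |
              ForEach-Object { ConvertTo-PortRange $_ })
    foreach ($w in $Wanted) {
        $r = ConvertTo-PortRange $w
        $hit = @($have | Where-Object { $_.Low -le $r.Low -and $_.High -ge $r.High })
        if ($hit.Count -eq 0) { $r.Text }
    }
}

$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'

# Constructed sample of an existing value so the script runs anywhere.
# On the server itself, read the live value instead:
#   $current = (Get-ItemProperty -Path $key -Name ReservedPorts).ReservedPorts
$current = '1433-1434','1645-1646','1701-1701'

$missing = @(Get-MissingRange $current $Required)
if ($missing.Count -eq 0) {
    'All listed ranges are already reserved.'
} else {
    "Missing ranges: $($missing -join ', ')"
    # Keep existing entries and append only what is missing.
    $merged = @($current) + $missing
    "Merged value would hold $($merged.Count) entries."
    # Review the output, then uncomment to write the multi-string value:
    # Set-ItemProperty -Path $key -Name ReservedPorts -Value $merged -Type MultiString
}
```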
