IPSEC service fails to start

I found on several of our servers that the ipsec service fail’s to start on some of our SBS servers, this is because the DNS service randomly picks 2500 ports and seems to pick the port ipsec uses, to fix this you need to add some exclusions into the registry.

Open regedit and go to  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts and type the following numbers in addition to the ones already there.

  • 1645-1646 – Used by IAS
  • 1701-1701 – Used by L2TP
  • 1812-1813 – Used by IAS
  • 2883-2883 – Used by AUTD
  • 4500-4500 – Used by IPSEC

I found this info on the Official SBS Blog

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>