On a Windows 2003 Server I had someone “clean” my registry of their old program for an upgrade that I couldn’t complete.  All I had to do was wait after hours and reboot the server. Well when I went to reboot the server a lot of my services would not start. Including Microsoft Exchange IS  and Exchange MTA stacks (nightmare!!!)  One of the things I noticed was that the first error to pop up in the event viewer was event id 4292

“The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions.”

If I went to services.msc and tried to start the service manually, it would give me the error:

“Error 10048: only one usage of each socket address (protocol/network adress/port) is normally permitted.”

First as a temporary fix  you might try the following for the heck of it which refers to it being caused by an MS update..


But if that doesn’t work try to perform this KB article which fixed my problem completely. Please note that you HAVE to reboot after this (i tried not rebooting and tried to just start the service and it didn’t resolve the problem). Before you delete the key that Microsoft instructs you to delete in the following article, you might want to right click and export it to a file just in case.  As a disclaimer I don’t take any responsibility for any registry corruption or errors.


Another thing I read was that you can disable the IPsec service and reboot server, but that would be as a last resort.  Good Luck.