Upon rebooting a Terminal Server that had resource issues, we could not log back into the server through RDP. We could log in through iLO, and it was apparent that the logins were working but they were very slow. Upon examining the services, we could see that the IPSEC service was not started.
Trying to manually start the service gave the following popup: “Could not start the IPSEC Services service on Local Computer. Error 2: The system cannot find the file specified.” The event logs also showed that TCP/IP was in blocking mode.
Disabling the service and rebooting restored all network communication, but trying to start the service would drop all connectivity again and slow down the server. I found another article that said that IPSEC may need to be rebuilt. When I looked for the registry keys for IPSEC, they were not there. After I ran the following commands, the registry keys were populated, and IPSEC was able to run properly.
To rebuild IPSEC, follow these steps: [more]
- Click Start, click Run, type regedit, and then click OK.
- In Registry Editor, locate and then click the following subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\IPsec\Policy\Local. (In my case, the server’s registry ended before IPsec. If this is the case, skip to step 6.)
- On the Edit menu, click Delete.
- Click Yes to confirm that you want to delete the subkey
- Quit Registry Editor
- Click Start, click Run, type regsvr32 polstore.dll, and then click OK.