Event ID/Source search
Keyword searchExample: Windows cannot unload your registry file
Event ID: 4292 Source: IPSec
The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer. For detailed troubleshooting information, review the events in the Security event log.
|English: Request a translation of the event description in plain English.|
As per Microsoft: "This problem occurs because the DNS Server service is listening on the UDP port that is required by another service. This problem occurs when the MaxUserPort registry entry is present. This registry entry is located in the following subkey in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\". See ME956189 for default values for MaxUserPort.
When you try to open the Internet Protocol security (IPSec) Microsoft Management Console (MMC) policy on a Microsoft Windows Server 2003-based computer this event might be logged. A corrupted file in the policy store causes this problem. An interruption that occurs when the policy is being written to the disk may cause the corruption. See ME870910 and ME912023 to solve this problem.
This issue occurs because the logon account for the Remote Procedure Call (RPC) service is changed from the Local System account to the NetworkService account in Windows Server 2003 with SP1. See ME930220 for details on fixing this issue.
From a newsgroup post: "If you are also seeing Userenv events 1085 and 1091, see ME823608 for a hotfix".
|Private comment: Subscribers only. See example of private comment|
|Links: ME823608, ME870910, ME912023, ME930220, ME956189, EventID 1085 from source Userenv, EventID 1091 from source Userenv|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (2) - More links...|
Send comments or solutions
- Notify me when updated