IPsec Policy Agent flip-flopping demand start/auto start in Windows Server 2008

ipsec windows-server-2008

Looking through the event logs on my web server I noticed a strange pattern.

The following events have been occurring over and over again, always back to back:

  • The start type of the IPsec Policy Agent service was changed from demand start to auto start.
  • The start type of the IPsec Policy Agent service was changed from auto start to demand start.

Each one produces event id 7040 from the Service Control Manager. And sometimes this will happen 20 times in one minute. Any idea what would cause this?

I've been trying to pinpoint an intermittent performance problem for the past several days and this is the most peculiar thing I've found so far. I'm running Windows Server 2008, SQL Server 2008, and ASP.NET 3.5 w/ MVC 2.
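The back-to-back event 7040 pattern described above can be measured from an exported System log. This is an added example, not part of the original post: it assumes a tab-separated export of timestamp, event ID and message, and the function names, thresholds and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Message text of Service Control Manager event 7040, as quoted in the question.
MSG_7040 = re.compile(
    r"The start type of the (?P<svc>.+?) service was changed "
    r"from (?P<old>.+?) to (?P<new>.+?)\.?$")

def parse_events(lines):
    """Parse 'ISO-timestamp<TAB>event-id<TAB>message' lines (assumed export format)."""
    for line in lines:
        ts, event_id, message = line.rstrip("\n").split("\t", 2)
        m = MSG_7040.match(message)
        if event_id == "7040" and m:
            yield datetime.fromisoformat(ts), m["svc"], m["old"], m["new"]

def find_flapping(lines, window=timedelta(minutes=1), min_reversals=3):
    """Return {service: most reversals inside any one window}, if >= min_reversals.
    A reversal is a change that exactly undoes the previous change for that service."""
    last = {}                      # service -> (old, new) of its previous change
    reversals = defaultdict(list)  # service -> timestamps of reversals
    events = sorted(parse_events(lines), key=lambda e: e[0])  # stable on ties
    for ts, svc, old, new in events:
        if last.get(svc) == (new, old):
            reversals[svc].append(ts)
        last[svc] = (old, new)
    result = {}
    for svc, times in reversals.items():
        best, start = 0, 0
        for end, t in enumerate(times):   # sliding window over sorted times
            while t - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= min_reversals:
            result[svc] = best
    return result

# Constructed sample lines (not taken from the server in the question).
_P = "\t7040\tThe start type of the IPsec Policy Agent service was changed from "
SAMPLE = [
    "2010-06-01T09:00:00\t7040\tThe start type of the Background Intelligent "
    "Transfer Service service was changed from auto start to demand start.",
    "2010-06-01T10:15:02" + _P + "demand start to auto start.",
    "2010-06-01T10:15:03" + _P + "auto start to demand start.",
    "2010-06-01T10:15:20" + _P + "demand start to auto start.",
    "2010-06-01T10:15:21" + _P + "auto start to demand start.",
    "2010-06-01T10:15:40" + _P + "demand start to auto start.",
    "2010-06-01T10:15:41" + _P + "auto start to demand start.",
    "2010-06-01T10:16:30\t7036\tThe IPsec Policy Agent service entered the running state.",
]
print(find_flapping(SAMPLE))
```

A single start-type change, like the second service in the sample, is not reported; only changes that undo the previous one count toward the threshold.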

Best Answer

So I haven't found the cause of this. But I did find out that the IPsec Policy Agent isn't really needed in my scenario. In fact, it's there for backwards compatibility with older versions of Windows as described here:

Note: This service provides compatibility with Internet Protocol security (IPsec) policies used in earlier versions of Windows. New deployments of Windows Vista and Windows Server 2008 should not use the policies supported by the IPsec Policy Agent service since those policies support only a subset of the features supported by Windows Firewall with Advanced Security. Instead, new deployments should use policies created by using Windows Firewall with Advanced Security to take full advantage of the additional security and features.

http://technet.microsoft.com/en-us/library/cc733433(WS.10).aspx

So I simply stopped and disabled the service and this log madness has ended. Fortunately, everything else on the server seems to work fine without it.