Description:
Suddenly you cannot logon to the domain from a server. You cannot ping it, even though the network card is connected to the network and functioning normally. You can ping to self from the server. No firewall blocks the connection. When looking through event viewer, you notice 2 errors were log; Event ID 7023 and Event ID 4292 (IPSec driver has entered Block mode). Both are related to IPSEC. You check the IPSEC services and found that you cannot start it. There’s “The system cannot find the file specified” error.
Resolution:
The problem occurs when there’s corrupted file in the policy store. The file may become corrupted if an interruption occurs when the policy being written to the disk. To solve it, please go to HKEY_LOKAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local. Delete this subkey (if exist). After that, rebuild the new local policies store. To do that, click Start > Run > type regsvr32 polstore.dll. Try starting the IPSEC services again. All issue should work well now.