Event ID 5484 — IPsec Policy Agent Service Initialization

Updated: January 9, 2008

Applies To: Windows Server 2008

red

The IPsec Policy Agent service must be running to receive and process Internet Protocol security (IPsec) policies that were made by using earlier versions of Windows.

Note:   This service provides compatibility with Internet Protocol security (IPsec) policies used in earlier versions of Windows. New deployments of Windows Vista and Windows Server 2008 should not use the policies supported by the IPsec Policy Agent service since those policies support only a subset of the features supported by Windows Firewall with Advanced Security. Instead, new deployments should use policies created by using Windows Firewall with Advanced Security to take full advantage of the additional security and features.

When appropriate auditing events are enabled (http://go.microsoft.com/fwlink/?linkid=92666), Windows reports successes and failures in starting the service, or when the service stops operating due to a failure.

Event Details

Product: Windows Operating System
ID: 5484
Source: Microsoft-Windows-Security-Auditing
Version: 6.0
Symbolic Name: SE_AUDITID_ETW_POLICYAGENT_IPSECSVC_ERROR_SHUTDOWN
Message: IPsec Services has experienced a critical failure and has been shut down. The shutdown of IPsec Services can put the computer at greater risk of network attack or expose the computer to potential security risks.

Error Code:%t%t%1

Resolve

Examine the status code reported and then restart the service

Windows logs an error if the IPsec Policy Agent service fails to start, or if it unexpectedly terminates. The error message indicates the cause of the service failure by including an error code in the text of the message. Review the information for the error code, enable the service if necessary, and then restart the Windows Firewall service.

To perform these procedures, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.

Review the error code

To review the error code:

To determine the meaning of the error code, open a command prompt, and then type net helpmsg errnum, where errnum is the error code displayed in the event message. Take the corrective action indicated by that error code. If the error indicates that the service fails to start because it is disabled, then you must enable the service and then attempt to start it.

Note: For a complete listing of Win32 error messages, see http://go.microsoft.com/fwlink/?LinkId=83027.

Enable the IPsec Policy Agent service

To enable the IPsec Policy Agent service:

  1. Start the Services MMC snap-in. Click Start, then in the Start Search box, type services.msc and then press ENTER.
  2. In the Name column of the Services snap-in, right-click IPsec Policy Agent, and then click Properties.
  3. In the IPsec Policy Agent Properties dialog box, click the list next to Startup type, and then click Automatic.
  4. Click Start to start the service.
  5. If the attempt to start the service fails, then restart the computer. This forces all related and dependent services to restart.

Start the IPsec Policy Agent service

To start the IPsec Policy Agent service:

  1. Restart the service. You can do this at a command prompt or from the Services Microsoft Management Console (MMC) snap-in. Do either of the following:
    • Start an administrative command prompt. Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. At that command prompt, run the command net start policyagent.
    • Click Start, type services.msc in the Start Search box, and then press ENTER. In the Name column of the Services snap-in, right-click IPsec Policy Agent, and then click Start.
  2. If the attempt to restart the service fails, then restart the computer. This forces all related and dependent services to restart.
  3. If the error persists after the computer restarts, then the executable files for the driver or service might be corrupted, and the operating system must be reinstalled.

Verify

You can verify that the IPsec Policy Agent service is running by using the Services Microsoft Management Console (MMC) snap-in or the net start command-line tool.

To verify that the IPsec Policy Agent service is running:

Check the status by using the Services MMC snap-in

To perform this procedure, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.

  1. Click Start, type services.msc in the Start Search box, and then press ENTER.
  2. In the Services MMC snap-in, find IPsec Policy Agent, and then confirm that Started appears in the Status column.

Check the status by using the net start command-line tool

At a command prompt, type net start, and then verify that IPsec Policy Agent is listed as one of the services currently running on the computer.

Related Management Information

IPsec Policy Agent Service Initialization

Windows Firewall with Advanced Security

Community Additions

ADD
Show: