I recently encountered a situation with a Virtual Machine running Guest OS Windows Server 2003 SP2. The parent partition (Host) is running Hyper-v 2012 R2. I could login to the VM console using Hyper-v Manager, the Guest OS had an IP Address by DHCP, but there was no network access . I could not ping from or to the VM.

I checked the firewall settings, IP Address settings, the Hyper-v host Switch configuration and all seemed fine. Looking through the System Event logs, I came across EventID 4292 Error Detail: “The IPSec driver has entered Block mode.IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer. For detailed troubleshooting information, review the events in the Security event log.” The following screenshot shows the detailed event message:

After some research, I found the following solution:

Possible Cause:
A corrupted file in the policy store causes this problem. An interruption that occurs when the policy is being written to the disk may cause the corruption.
Check:
When you try to open the Internet Protocol security (IPSec) Microsoft Management Console (MMC) policy on a Microsoft Windows Server 2003-based computer, you receive the following error message:

“The IPSec Policy storage container could not be opened. The following error occurred: The system cannot find the file specified. (80070002).”

Resolution:

In Registry Editor, locate and then DELETE the following subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local
Close Registry Editor.
Rebuild a new local policy store. To do this, Click Start, click Run, type regsvr32 polstore.dll, and then click OK.

The above mentioned registry key did not exist in this case, so I only had to register the “polstore.dll” and that resolved the problem.