I recently encountered a situation with a Virtual Machine running Guest OS Windows Server 2003 SP2. The parent partition (Host) is running Hyper-v 2012 R2. I could login to the VM console using Hyper-v Manager, the Guest OS had an IP Address by DHCP, but there was no network access . I could not ping from or to the VM.
I checked the firewall settings, IP Address settings, the Hyper-v host Switch configuration and all seemed fine. Looking through the System Event logs, I came across EventID 4292 Error Detail: “The IPSec driver has entered Block mode.IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer. For detailed troubleshooting information, review the events in the Security event log.” The following screenshot shows the detailed event message:
After some research, I found the following solution:
A corrupted file in the policy store causes this problem. An interruption that occurs when the policy is being written to the disk may cause the corruption.
When you try to open the Internet Protocol security (IPSec) Microsoft Management Console (MMC) policy on a Microsoft Windows Server 2003-based computer, you receive the following error message:
“The IPSec Policy storage container could not be opened. The following error occurred: The system cannot find the file specified. (80070002).”
In Registry Editor, locate and then DELETE the following subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local
Close Registry Editor.
Rebuild a new local policy store. To do this, Click Start, click Run, type regsvr32 polstore.dll, and then click OK.
The above mentioned registry key did not exist in this case, so I only had to register the “polstore.dll” and that resolved the problem.