VMware ESXi Network Connectivity issues on a Windows Server 2003 virtual machine running on an ESXi host
Article ID: 328050
Updated On:
Products
VMware
Issue/Introduction
Symptoms:
When running a Microsoft Windows 2003 Server virtual machine on an ESXi host, you experience these symptoms:
- The virtual machine loses network connectivity
- When attempting to ping other hosts or networks, you get the error:
Destination host unreachable
- Network connectivity is unaffected when the virtual machine is running in safe mode with networking
Cause
This issue occurs when the Windows IPSec driver enters block mode. When in block mode, IPSec discards all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions.
Resolution
This is a known issue affecting Microsoft Windows 2003 Server virtual machines running on ESXi hosts. This is not a VMware issue.
To resolve the issue, remove the registry subkey related to the local IPSec policy and then rebuild the policy.
To work around this issue, disable IPSec (allowing TCP/IP connectivity without Windows IP security checks) and then restart the virtual machine.
For both options and any related risks, see the Microsoft Support article 870910.
Note: The preceding link was correct as of June 04, 2015. If you find the link is broken, provide feedback and a VMware employee will update the link.
To resolve the issue, remove the registry subkey related to the local IPSec policy and then rebuild the policy.
To work around this issue, disable IPSec (allowing TCP/IP connectivity without Windows IP security checks) and then restart the virtual machine.
For both options and any related risks, see the Microsoft Support article 870910.
Note: The preceding link was correct as of June 04, 2015. If you find the link is broken, provide feedback and a VMware employee will update the link.
Additional Information
For more information about troubleshooting virtual machine connectivity issues, see Troubleshooting virtual machine network connection issues (1003893).
Note: The preceding link was correct as of June 04, 2015. If you find the link is broken, provide feedback and a VMware employee will update the link.
Troubleshooting virtual machine network connection issues
ESXi 5.x 以降で動作する Windows Server 2003 仮想マシンのネットワーク接続の問題
ESXi 主机上运行的 Windows Server 2003 虚拟机发生网络连接问题
Impact/Risks:
Registry edit is required, serious problems occur if you modify the registry incorrectly.
Disabling IPSec results in security issues which your company's security policy prohibits.
Feedback
Yes
No
Powered by
