Symptoms

Consider the following scenario:

  • You install the Network Policy and Access Services role on a server that is running an x64-based version of Windows Server 2008 R2.

  • You configure and then enable the Routing and Remote Access service on the server.Note If you examine the Port window of the Routing and Remote Access service, you notice that the maximum number of WAN Miniport (IKEv2) ports is set to 128.

  • You install Windows Server 2008 R2 Service Pack 1 (SP1) on the server.

In this scenario, the maximum number of IKEv2 ports is changed from 128 to two. Therefore, only two IKEv2 connections can be active at one time. If more than two clients try to connect to the server at the same time, the Routing and Remote Access service rejects the IKEv2 connection requests. Additionally, the following message is logged in the Rastapi.log file:

Couldn’t find a listening port. Dropping call

Cause

By default, the maximum number of IKEv2 ports in the Port window of the Routing and Remote Access service in Windows Server 2008 R2 is set to two. The number is changed to 128 after you enable the Routing and Remote Access service. However, the IKEv2 component is reinstalled unexpectedly when you install Windows Server 2008 SP1. Therefore, the maximum number of IKEv2 ports is set back to two.

Resolution

To prevent this issue, we recommend that you install this hotfix package before you install Windows Server 2008 R2 SP1.If you have installed Windows Server 2008 R2 SP1 before this hotfix package, follow these steps to prevent the issue:

  1. Manually change the maximum number of number of ports to 128 or a customized value by using an administrator account.

  2. Install this hotfix package.

Update information

How to obtain this update

The following files are available for download from the Microsoft Download Center:

Operating system

Update

All supported x64-based versions of Windows Server 2008 R2

Download Download the update package now.

All supported IA-64-based versions of Windows Server 2008 R2

Download Download the update package now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online servicesMicrosoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

To apply this update, you must have the Routing and Remote Access Services role installed on the server.

Registry information

To use the update in this package, you do not have to make any changes to the registry.

Restart requirement

You do not have to restart the computer after you apply this update.

Update replacement information

This update does not replace a previously released update.

File information

The global version of this hotfix installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

Windows Server 2008 R2 file information notes

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

    Version

    Product

    Milestone

    Service branch

    6.1.760 0.16xxx

    Windows Server 2008 R2

    RTM

    GDR

    6.1.760 0.20xxx

    Windows Server 2008 R2

    RTM

    LDR

  • GDR service branches contain only those fixes that are widely released to address widespread, extremely important issues. LDR service branches contain hotfixes in addition to widely released fixes.

  • The MANIFEST files (.manifest) and the MUM files (.mum) that are installed for each environment are listed separately in the "Additional file information for Windows Server 2008 R2" section. MUM and MANIFEST files, and the associated security catalog (.cat) files, are extremely important to maintain the state of the updated components. The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.

For all supported x64-based versions of Windows 7 and of Windows Server 2008 R2

File name

File version

File size

Date

Time

Platform

Netcfg.exe

6.1.7600.16726

32,768

29-Dec-2010

10:31

x64

Netcfg.exe

6.1.7600.20867

32,768

29-Dec-2010

10:33

x64

Netcfg.exe

6.1.7601.17530

32,768

29-Dec-2010

10:50

x64

Netcfg.exe

6.1.7601.21628

32,768

29-Dec-2010

10:26

x64

Workaround

To work around this issue, use one of the following methods to change the maximum number of IKEv2 ports back to the default value 128 or the number of ports configured manually by the administrator:

Method 1

Change the maximum number of ports in the Port window of the Routing and Remote Access service. To do this, follow these steps:

  1. Click Start, point to All Programs, click Administrative Tools, and then click Server Manager.

  2. In the left pane, expand Roles, expand Network Policy and Access, and then expand Routing and Remote Access.

  3. Right-click Ports, and then click Properties.

  4. Select WAN Miniport (IKEv2) in the Ports Properties dialog box, and then click Configure.

  5. Change the Maximum port to 128 or the value you set before and then click OK.

  6. Apply the change and then restart the computer.

Method 2

At a command prompt, type the following command to change the maximum port number and then restart the server:

netsh ras set wanports device="WAN Miniport (IKEv2)" maxports=128

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Additional file information

Additional file information for Windows Server 2008 R2

Additional files for all supported x64-based versions of Windows Server 2008 R2

File name

Amd64_1dddfebf4c7ffc5d40355cfcbb59d5fa_31bf3856ad364e35_6.1.7600.16726_none_a271c7191a38e7a2.manifest

File version

Not applicable

File size

698

Date (UTC)

30-Dec-2010

Time (UTC)

00:15

Platform

Not applicable

File name

Amd64_1efb79b16034dfa96f689748cb7e4172_31bf3856ad364e35_6.1.7600.20867_none_2e305f6949e4f22f.manifest

File version

Not applicable

File size

698

Date (UTC)

30-Dec-2010

Time (UTC)

00:15

Platform

Not applicable

File name

Amd64_25398a1ccb59a707082b81a96aa38b7e_31bf3856ad364e35_6.1.7601.17530_none_b7de13d01fadfa92.manifest

File version

Not applicable

File size

698

Date (UTC)

30-Dec-2010

Time (UTC)

00:15

Platform

Not applicable

File name

Amd64_a40d4509cac2562f4c9033c988803e5a_31bf3856ad364e35_6.1.7601.21628_none_720e088417e1e4cc.manifest

File version

Not applicable

File size

698

Date (UTC)

30-Dec-2010

Time (UTC)

00:15

Platform

Not applicable

File name

Amd64_microsoft-windows-netcfg_31bf3856ad364e35_6.1.7600.16726_none_6c65b4c96af8f409.manifest

File version

Not applicable

File size

2,341

Date (UTC)

29-Dec-2010

Time (UTC)

12:07

Platform

Not applicable

File name

Amd64_microsoft-windows-netcfg_31bf3856ad364e35_6.1.7600.20867_none_6cc5122e84361cee.manifest

File version

Not applicable

File size

2,341

Date (UTC)

29-Dec-2010

Time (UTC)

12:08

Platform

Not applicable

File name

Amd64_microsoft-windows-netcfg_31bf3856ad364e35_6.1.7601.17530_none_6e3b4027682ce3dc.manifest

File version

Not applicable

File size

2,341

Date (UTC)

29-Dec-2010

Time (UTC)

11:56

Platform

Not applicable

File name

Amd64_microsoft-windows-netcfg_31bf3856ad364e35_6.1.7601.21628_none_6ed7af2e813b326d.manifest

File version

Not applicable

File size

2,341

Date (UTC)

29-Dec-2010

Time (UTC)

12:02

Platform

Not applicable

File name

Update.mum

File version

Not applicable

File size

3,215

Date (UTC)

30-Dec-2010

Time (UTC)

00:15

Platform

Not applicable

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.