This article has been archived. It is offered "as is" and will no longer be updated.
You're using the legacy IPsec tools (IPsec MMC or NETSH IPSEC) to configure IPsec policies. You configured an IPsec rule which blocks traffic from source address "Any IP address" to destination address "Any IP address". As a result the Self-to-self traffic is blocked, so a connection or PING to localhost or a locally assigned IPv4 fails. Using IPv6 it works.
This happens also if an explicit allow rule for the self-to-self traffic is in place.
This is by design. We don't add permit filters in the situation where the source IP address and destination IP address are on the same host.
Use Connection Security Rules and Firewalls Rules configured using the Windows Firewall with Advanced Security (WF.msc) or the NETSH ADVFIREWALL context.
For backwards compatibility the functionality was implemented in Windows Vista and Windows Server 2008 with this Update:
961533 When you use an IPsec rule to block traffic from any IP address to any other IP address, the Self-to-Self connection may be blocked on a Windows Vista-based or a Windows Server 2008-based client computer