I ran into some troubles with the IPSec Services on my Windows XP SP2 machine today. This service was needed by a VPN application that I installed to connect to one of our customers. But during the last re-install of my machine, I set this service to manual startup, and now when I tried to start it It could not start. I recieved the following error message when trying to start it:

Error message 10048: Only one usage of each socket address (protocol/network address/port) is normally permitted.  

The Event Viewer displayed the following:

Event Type: ErrorEvent Source: Service Control ManagerEvent Category: NoneEvent ID: 7023Date: 2006-09-11Time: 10:08:10User: N/AComputer: LAPTOPWWDescription:The IPSEC Services service terminated with the following error: Only one usage of each socket address (protocol/network address/port) is normally permitted.

To find out which application that used the ports that the IPSEC Services needed I started up a command prompt and used netstat, as below, to find out the PID of the process. This command below will display all the active UDP connections and the PID (-o). The findstr function searches the output from the netstat and shows the lines containing the text “500” - which is the UDP port the IKE uses.

c:\> netstat -p UDP -n -a -o | findstr 500UDP *:* 316UDP *:* 316

Using the Task Manager I found out that PID 316 was used by the Cisco VPN Service and I shut it down and then IPSEC services started fine!