Network browse issue after patching SEP clients on Server 2012 R2

I need a solution

I have seen an issue only on Server 2012 R2.  After a restart, you cannot browse UNC paths to any resource.  At first, it seemed completely random.  Then, as I began tracking each month, I found that it was about 40% of Server 2012 R2 servers behaving this way after taking a SEP upgrade and then restarting.  It doesn’t seem to matter if the upgrade was from an install package was pushed from SEPM or if the client patch was applied. 

When I find the issue of not being able to browse a UNC path, I find that Event ID 4202 is logged. 

Event ID: 4202
Srouce:  iphlpsvc
Unable to update the IP address on Isatap interface isatap.{7E4F31EF-659F-46FE-9D1C-12B983DE5510}. Update Type: 0. Error Code: 0x57.

I have gotten into a routine that after every maintenance window, I run a powershell script to look for this event ID on all 2012 R2 servers, and then log in to see if the server is OK or exhibiting the symptom of not being able to browse UNC paths (Group Policies won’t apply either, as they are unable to access the share on the domain controller in this condition).  If I cannot browse, I either reboot the server, or if I can’t reboot the server, I restart the Workstation service and hope the dependent services don’t lock up.

The only solution I have been able to find is to disable the isatap adapter:

netsh int isatap set state disabled

I have not yet gotten approval to disable this on all servers.

Has anyone else experienced this issue, and if so, what have you done to work around this?  Did you completely disable IPv6, or disable the isatap adapter or ???  This has to be a timing thing with both the sisnat-{GUID}.exe processing at the time the isatap interface is initializing. 




Leave a Reply