Fix STATUS_NDIS_OFFLOAD_POLICY 0xC023100F when TCP offload won't kick in

When this error hits

You're running a Windows Server 2016 or 2019 box – maybe a Hyper-V host or a file server with NIC teaming. Everything looks fine until you check the system event log or run a TCP dump and see STATUS_NDIS_OFFLOAD_POLICY (0xC023100F). The exact message: The TCP connection is not offloadable because of a local policy setting. This means TCP offload – like TCP Chimney or RSC (Receive Segment Coalescing) – was supposed to kick in, but something told NDIS to back off.

Had a client last month whose file server was crawling on large transfers. They'd enabled TCP offload on the NIC, but the error kept popping up. The real culprit? A local security policy or registry flag overriding the NIC settings. Let me walk you through the fix.

Root cause

Windows has a hierarchy for offload settings. The NIC driver can advertise it supports TCP Chimney, Large Send Offload, or RSC. But the OS has local policy flags – stored in the registry or pushed via Group Policy – that say don't use it. This is by design for security or stability reasons. Common triggers:

• NIC teaming (Microsoft LBFO or 3rd-party) that disables hardware offloads
• Hyper-V virtual switches that block NIC offloads on the host
• Group Policy object (GPO) that disables TCP Chimney Offload
• Antivirus or firewall software that hooks the TCP stack

The error code 0xC023100F is NDIS's way of saying: I checked the policy first, and it says no. If you haven't changed anything recently, a Windows update or a GPO refresh could've flipped the switch.

The fix (numbered steps)

Step 1: Check current offload state with netsh

Open an elevated Command Prompt and run:

netsh int tcp show global

Look for Chimney Offload State and RSC State. If they show disabled, that's your problem. But even if they show enabled, the policy could still be blocking at the NIC level. Next command:

netsh int tcp show chimney

If it says disabled anywhere, we need to enable it.

Step 2: Enable TCP Chimney via netsh

Still in the admin prompt, run:

netsh int tcp set global chimney=enabled

Then re-check with netsh int tcp show global to confirm it stuck. On some systems, you also need to enable RSC:

netsh int tcp set global rsc=enabled

Step 3: Check the registry for policy overrides

If netsh shows enabled but the error persists, the policy is buried deeper. Open Regedit and go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Look for EnableTCPChimney. If it's not there, create a DWORD (32-bit) with that name. Set its value to 1. Also check for EnableRSC – same thing, set to 1.

Also check this location for GPO-driven policies:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Tcpip\Parameters

If there's a EnableTCPChimney or DisableOffload key here set to 1, that's the culprit. Delete or set to 0.

Step 4: Reboot and test

After registry changes, reboot the server. Then verify the error is gone by checking the event log for 0xC023100F or running a TCP transfer. You can also run:

netsh int tcp show chimney

It should now say enabled across the board.

What to check if it still fails

If you've done all that and the error still shows, three things to look at next:

• NIC teaming software: Some 3rd-party teaming drivers (Intel PROSet, Broadcom BACS) disable hardware offloads by default. Open the teaming management app and re-enable TCP offload per adapter.
• Hyper-V role: If the server is a Hyper-V host, the hypervisor strips offload capabilities from the physical NIC for the host OS. That's by design – the VMs get the offload. You can't fix it on the host side. Workaround: use SR-IOV on the VMs.
• Antivirus or firewall: Some security software (especially those with network inspection) inject a filter driver that blocks offload. Temporarily disable the software and test. If the error goes away, you need to add an exception for TCP Chimney in the software's settings.

One last thing: if you're on Windows Server 2022 or later, TCP Chimney is deprecated. Microsoft replaced it with RSC and RSS. In that case, focus on enabling RSC instead. The same policy keys apply – just target EnableRSC instead of Chimney.

That's it. No magic, just a few registry keys and netsh commands that actually work. Save yourself the headache of reinstalling drivers or swapping NICs – 9 times out of 10, it's a policy flag.