Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

FIX: Client computers cannot access an L2TP server or an IPSec endpoint through a Threat Management Gateway 2010 server array that uses network load balancing


View products that this article applies to.

Symptoms

Consider the following scenarios:

Scenario 1:

  • You have servers that are running Microsoft Forefront Threat Management Gateway 2010 (TMG) Service Pack 1 (SP1) with Integrated Network Load Balancing (NLB).
  • You have at least 2 network adapters, and you let Internet Protocol security (IPsec) and Layer 2 Tunneling Protocol (L2TP) traffic through the TMG array to a remote destination.
  • A route relationship is configured in TMG between networks where IPsec and L2TP/IPsec will be forwarded. 
  • Some internal client computers use IPsec or L2TP/IPsec to connect to a server on the other network. The other network can be an external or perimeter network.

Scenario 2:

  • You have servers that are running TMG SP1 with NLB.
  • You have at least 2 network adapters, and you enable IPsec or L2TP traffic through the TMG array to a remote destination.
  • A network address translation (NAT)relationship is configured in TMG between networks where IPsec and L2TP/IPsec will be forwarded. 
  • Some internal client computers use IPsec or L2TP/IPsec to connect to a server on the other network. The other network can be an external or perimeter network.
In these scenarios there is an NLB and TMG integration failure, and the client computers that use IPsec or L2TP/IPsec cannot connect to a server on the external or perimeter network.

↑ Back to the top


Resolution

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010

↑ Back to the top


Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top


References

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

↑ Back to the top


Keywords: kbfix, kbbug, kbexpertiseinter, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 2592455
Revision : 1
Created on : 1/7/2017
Published on : 10/31/2011
Exists online : False
Views : 359