Web Proxy Sends TCP Reset Instead of Only Closing Session

You may receive the following error message in your Web browser program (such as Microsoft Internet Explorer, NetScape Navigator, and so on) when you are posting data to a Web site: The browser clients are connecting to the Web sites through an Internet Security and Acceleration (ISA) Server Web proxy server. Subsequent attempts to repost the data may work.

The Web proxy is sending a TCP Reset to the client immediately after the proxy sends the expected AckFin. The client "sees" the Reset, and then generates the error message that is listed in the "Symptoms" section of this article.

NOTE: You must apply ISA Server 2000 Service Pack 1 before you can apply the following hotfix. If you have already applied ISA Server 2000 Service Pack 1, you do not need to do so again.

For information about how to obtain ISA Server 2000 Service Pack 1, click the article number below to view the article in the Microsoft Knowledge Base: A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site: Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language. The English version of this fix should have the following file attributes or later:

WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

This problem has only been reproduced when the browser sends an extra CR/LF character in the data that is not accounted for in the content-length in the packet. If the browser is Internet Explorer version 5.01 Service Pack 2 (SP2) or 5.5 SP2, the sending of the extra CR/LF can be disabled by editing the following registry key:

1. Start Registry Editor (Regedt32.exe).
2. Locate and then click the following key in the registry:
   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
3. On the Edit menu, click Add Value, and then add the following registry value:
   Value name: SendExtraCRLF
   Data type: REG_DWORD
   Radix: Decimal
   Value data: 0
4. Quit Registry Editor.

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.