Article ID: 944335 - View products that this article applies to.
On a Windows Vista-based computer, when you try to communicate with another computer through an Internet Protocol security (IPsec) tunnel-mode connection, the connection fails.
This issue occurs if the Windows Vista-based computer is behind a Network Address Translation (NAT) device.
This is a design change in Windows Vista.
Behind an NAT device, if more than one computer shares the same source port, a conflict may occur. Therefore, Windows Vista removes support for tunnel mode when the computer is behind an NAT device.
To work around this issue, do not use IPsec tunnel mode when the Windows Vista-based computer is behind an NAT device.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/314764/ )Using Internet Protocol Security with Network Address Translation and Internet Security Acceleration Server
Article ID: 944335 - Last Review: November 6, 2007 - Revision: 1.2