The connection fails on a Windows Vista-based computer when you try to communicate with another computer through an IPsec tunnel-mode connection

Article translations Article translations
Article ID: 944335 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

On a Windows Vista-based computer, when you try to communicate with another computer through an Internet Protocol security (IPsec) tunnel-mode connection, the connection fails.

This issue occurs if the Windows Vista-based computer is behind a Network Address Translation (NAT) device.

CAUSE

This is a design change in Windows Vista.

Behind an NAT device, if more than one computer shares the same source port, a conflict may occur. Therefore, Windows Vista removes support for tunnel mode when the computer is behind an NAT device.

WORKAROUND

To work around this issue, do not use IPsec tunnel mode when the Windows Vista-based computer is behind an NAT device.

STATUS

This behavior is by design.

MORE INFORMATION

For more information, click the following article number to view the article in the Microsoft Knowledge Base:
314764 Using Internet Protocol Security with Network Address Translation and Internet Security Acceleration Server

Properties

Article ID: 944335 - Last Review: November 6, 2007 - Revision: 1.2
APPLIES TO
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Business
  • Windows Vista Business 64-bit Edition
  • Windows Vista Enterprise
  • Windows Vista Home Premium
  • Windows Vista Ultimate
Keywords: 
kbexpertiseadvanced kbprb KB944335

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com