FIX: The final ACK packet during an orderly closure of a SecureNAT client TCP connection may be dropped in a Forefront Threat Management Gateway 2010 environment

Article translations Article translations
Article ID: 2518676 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

During the orderly closure of a SecureNAT client TCP connection in a Microsoft Forefront Threat Management Gateway (TMG) 2010 environment, TMG may drop the final acknowledgement (FIN ACK) of the connection closure handshake.

This could lead to re-transmissions of the final FIN ACK packet, and these re-transmissions can lead to application delays, depending on the behavior of the application.

CAUSE

This issue occurs because of a handling bug in the Firewall Engine driver for TMG.

RESOLUTION

To resolve this issue, install the software update that is described in the following Microsoft Knowledge Base article:
2517957 Software Update 1 Rollup 4 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 1

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

REFERENCES

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 2518676 - Last Review: June 15, 2011 - Revision: 2.0
APPLIES TO
  • Microsoft Forefront Threat Management Gateway 2010 Enterprise
  • Microsoft Forefront Threat Management Gateway 2010 Standard
  • Microsoft Forefront Threat Management Gateway 2010 Service Pack 1
Keywords: 
kbexpertiseinter kbbug kbsurveynew kbqfe kbfix KB2518676

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com