Symptoms
Consider the following scenario:
-
You have a server that is running Microsoft Forefront Threat Management Gateway (TMG) 2010.
-
The TMG 2010 server is either the default gateway or on the network route to the Internet.
-
Client computers use SecureNAT clients to access the Internet.
In this scenario, the SecureNAT clients receive "404 Page Cannot be Found" error pages when the clients try to access the Internet. These error pages originate from a web server that is a different web server than the one that the SecureNAT client was trying to access. For example, a SecureNAT client that browses to http://www.contoso.com may receive a 404 error page from an http://www.woodgrovebank.com web server.
Cause
This problem occurs when the TMG server is under a heavy load of outgoing HTTP requests. Under this load, TMG 2010 can misdirect the outgoing HTTP request to the wrong external web server. This problem does not affect web proxy clients.
Resolution
To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010
Workaround
To work around this problem, configure the client computers as web proxy clients.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
More Information
The problem has only been observed when third-party antivirus software is installed on the TMG server. The problem was observed when multiple antivirus vendor software packages were installed on the TMG server.
References
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
