Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
You cannot browse Web servers on a remote site when you use IPsec tunnels to connect sites on a Windows Server 2003-based computer that is running ISA Server 2004, ISA Server 2006, or Forefront Threat Management Gateway, Medium Business Edition
Article ID: 885351 - View products that this article applies to.
You are using Internet Protocol security (IPsec) tunnels to connect remote sites to each other on a Windows Server 2003-based computer that is running Microsoft Internet Security and Acceleration (ISA) Server 2004 or ISA Server 2006, or on a Windows Server 2008-based computer that is running Microsoft Forefront Threat Management Gateway, Medium Business Edition. When you or a user on another computer try to browse Web servers on the remote sites through the IPsec tunnels, you cannot browse the Web servers. All other traffic crosses the tunnels to and from the remote sites correctly.
This behavior may occur if you use a non-primary IP address as the local endpoint for an IPSec tunnel that connects the remote site networks. The following configurations are not supported in ISA Server 2004, in ISA Server 2006, or in Microsoft Forefront Threat Management Gateway, Medium Business Edition:
To resolve this behavior, follow these steps:
For more information about connecting remote sites, visit the "Connecting Remote Sites" Web page on the following Microsoft Web site:
http://technet2.microsoft.com/WindowsServer/en/library/6c9dddfa-a680-48d5-8ba7-9fcfc97eb39d1033.mspx?mfr=trueFor more information about IPSec Tunneling, visit the "What Is IPSec Tunneling?" Web page on the following Microsoft Web site:
http://www.microsoft.com/windows/windows2000/en/advanced/help/sag_ipsectunnel.htmFor more information about site-to-site VPN on Forefront Threat Management Gateway, visit the following Microsoft Web site:
Article ID: 885351 - Last Review: February 7, 2007 - Revision: 2.3