A Windows Vista-based or Windows Server 2008-based computer behind a NAT device cannot communicate with another computer through an IPsec tunnel-mode connection

Article ID: 957624 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

You use a Windows Vista-based or Windows Server 2008-based computer that is behind a Network Address Translation (NAT) device. When you use this computer to try to communicate with another computer through an Internet Protocol security (IPsec) tunnel-mode connection, the connection fails.
Back to the top | Give Feedback

CAUSE

This issue may occur if more than one computer shares the same source port. Windows Vista and Windows Server 2008 do not support tunnel-mode connections when the computer is behind an NAT device. Therefore, a conflict may occur.
Back to the top | Give Feedback

RESOLUTION

A hotfix is available to resolve this issue. This hotfix adds the support for IPsec when the computer is behind a NAT device.

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
(http://support.microsoft.com/contactus/?ws=support)
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Important Windows Vista and Windows Server 2008 hotfixes are included in the same packages. However, only one of these products may be listed on the “Hotfix Request” page. To request the hotfix package that applies to both Windows Vista and Windows Server 2008, just select the product that is listed on the page.

Prerequisites

To apply this hotfix, the computer must run one of the following:
  • Windows Vista Service Pack 1
  • Windows Server 2008

Restart requirement

You have to restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace any other previously released hotfixes. The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Windows Vista and Windows Server 2008 file information note


The MANIFEST files (.manifest) and MUM files (.mum) installed for each environment are listed separately . MUM and MANIFEST files, and the associated security catalog (.cat) files, are very important to maintaining the state of the updated component. The security catalog files (attributes not listed) are signed with a Microsoft digital signature.

For all supported x86-based versions of Windows Vista and Windows Server 2008
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Netio.sys6.0.6001.22260223,28809-Sep-200805:42x86
Bfe.dll6.0.6001.22260328,70409-Sep-200805:27x86
Fwpkclnt.sys6.0.6001.22260101,43209-Sep-200805:34x86
Fwpuclnt.dll6.0.6001.22260595,45609-Sep-200805:27x86
Ikeext.dll6.0.6001.22260438,27209-Sep-200805:27x86
Wfp.mofNot Applicable81418-Dec-200721:11Not Applicable
Wfp.tmfNot Applicable175,50809-Sep-200803:28Not Applicable
Tcpip.sys6.0.6001.22260891,96009-Sep-200805:43x86
For all supported x64-based versions of Windows Vista and Windows Server 2008
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Netio.sys6.0.6001.22260345,65609-Sep-200804:51x64
Bfe.dll6.0.6001.22260458,24009-Sep-200804:46x64
Fwpkclnt.sys6.0.6001.22260168,50409-Sep-200804:51x64
Fwpuclnt.dll6.0.6001.22260779,77609-Sep-200804:47x64
Ikeext.dll6.0.6001.22260454,65609-Sep-200804:47x64
Wfp.mofNot Applicable81418-Dec-200721:10Not Applicable
Wfp.tmfNot Applicable174,68009-Sep-200802:44Not Applicable
Tcpip.sys6.0.6001.222601,419,32009-Sep-200804:53x64
Fwpuclnt.dll6.0.6001.22260595,45609-Sep-200805:27x86
Wfp.mofNot Applicable81418-Dec-200721:11Not Applicable
For all supported Itanium-based versions of Windows Server 2008
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Netio.sys6.0.6001.22260641,59209-Sep-200805:59IA-64
Bfe.dll6.0.6001.22260781,31209-Sep-200805:37IA-64
Fwpkclnt.sys6.0.6001.22260264,24809-Sep-200805:59IA-64
Fwpuclnt.dll6.0.6001.222601,122,30409-Sep-200805:37IA-64
Ikeext.dll6.0.6001.22260925,18409-Sep-200805:37IA-64
Wfp.mofNot Applicable81418-Dec-200721:11Not Applicable
Wfp.tmfNot Applicable174,77509-Sep-200803:50Not Applicable
Tcpip.sys6.0.6001.222602,924,08809-Sep-200805:58IA-64
Fwpuclnt.dll6.0.6001.22260595,45609-Sep-200805:27x86
Wfp.mofNot Applicable81418-Dec-200721:11Not Applicable
Back to the top | Give Feedback

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Back to the top | Give Feedback

MORE INFORMATION

For more information about IPsec, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/network/cc987611.aspx
(http://technet.microsoft.com/en-us/network/cc987611.aspx)
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684
(http://support.microsoft.com/kb/824684/ )
Description of the standard terminology that is used to describe Microsoft software updates

Additional file information for Windows Vista and for Windows Server 2008

Additional files for all supported x86-based versions of Windows Vista and of Windows Server 2008
Collapse this tableExpand this table
File namePackage_1_for_kb957624~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size2,230
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_2_for_kb957624~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size2,177
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_3_for_kb957624~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,729
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_4_for_kb957624~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size2,235
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_5_for_kb957624~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size2,235
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_client_1~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,641
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_client~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,431
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_sc_0~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,422
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_sc~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,423
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_server_0~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,425
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_server~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,431
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_winpesrv_0~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,422
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_winpesrv~31bf3856ad364e35~x86~~6.0.1.0.mum
File versionNot Applicable
File size1,430
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameX86_185ebbafa5b39e9fe0230c789753449d_31bf3856ad364e35_6.0.6001.22260_none_a7a19f5e444919a3.manifest
File versionNot Applicable
File size1,402
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameX86_cd1fb76c33c89b9377ba3330761420b5_31bf3856ad364e35_6.0.6001.22260_none_1e9e9e128802bd11.manifest
File versionNot Applicable
File size1,056
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameX86_e0d6a0be161ed5f33501253e2f74c674_31bf3856ad364e35_6.0.6001.22260_none_a5f48151d830faf5.manifest
File versionNot Applicable
File size702
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameX86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22260_none_56e42bfece9bcbf6.manifest
File versionNot Applicable
File size3,908
Date (UTC)09-Sep-2008
Time (UTC)06:18
File nameX86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22260_none_cd6d2f1243d91ca0.manifest
File versionNot Applicable
File size127,634
Date (UTC)09-Sep-2008
Time (UTC)06:20
File nameX86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22260_none_b366d17b7fb4858d.manifest
File versionNot Applicable
File size6,254
Date (UTC)09-Sep-2008
Time (UTC)06:21
Additional files for all supported x64-based versions of Windows Vista and of Windows Server 2008
Collapse this tableExpand this table
File nameAmd64_67673883775ecda6ca8e2575caf164c8_31bf3856ad364e35_6.0.6001.22260_none_92cf9f5e66c66c84.manifest
File versionNot Applicable
File size1,410
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameAmd64_69f8013cae75ba4c7cb6fa462dbe4bfc_31bf3856ad364e35_6.0.6001.22260_none_ef979f37c20fcdc3.manifest
File versionNot Applicable
File size2,114
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameAmd64_d9662b3e855aea4a1e26a9b660e78f8e_31bf3856ad364e35_6.0.6001.22260_none_a3f049d6beca3558.manifest
File versionNot Applicable
File size1,766
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameAmd64_e0becec4f14d89097510503c9a2122c2_31bf3856ad364e35_6.0.6001.22260_none_09fda7cbdc73fa5a.manifest
File versionNot Applicable
File size706
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameAmd64_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22260_none_b302c78286f93d2c.manifest
File versionNot Applicable
File size3,916
Date (UTC)09-Sep-2008
Time (UTC)05:04
File nameAmd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22260_none_298bca95fc368dd6.manifest
File versionNot Applicable
File size127,680
Date (UTC)09-Sep-2008
Time (UTC)05:07
File nameAmd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22260_none_0f856cff3811f6c3.manifest
File versionNot Applicable
File size6,276
Date (UTC)09-Sep-2008
Time (UTC)05:08
File namePackage_1_for_kb957624~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size2,244
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_2_for_kb957624~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size2,643
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_3_for_kb957624~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,739
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_4_for_kb957624~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size2,701
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_5_for_kb957624~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size2,701
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_client_1~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,651
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_client~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,439
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_sc_0~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,430
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_sc~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,431
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_server_0~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,433
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_server~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,439
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_winpesrv_0~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,430
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_winpesrv~31bf3856ad364e35~amd64~~6.0.1.0.mum
File versionNot Applicable
File size1,438
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameWow64_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22260_none_bd5771d4bb59ff27.manifest
File versionNot Applicable
File size2,730
Date (UTC)09-Sep-2008
Time (UTC)06:04
File nameWow64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22260_none_33e074e830974fd1.manifest
File versionNot Applicable
File size71,155
Date (UTC)09-Sep-2008
Time (UTC)06:05
Additional files for all supported Itanium-based versions of Windows Server 2008
Collapse this tableExpand this table
File nameIa64_5b6f4b4390516dc5f8f500529c61a91b_31bf3856ad364e35_6.0.6001.22260_none_0d2dafe2f41491ab.manifest
File versionNot Applicable
File size1,406
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameIa64_650a663e93f7e974aa371bb72bd20031_31bf3856ad364e35_6.0.6001.22260_none_c7208fae91d7e4b8.manifest
File versionNot Applicable
File size2,110
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameIa64_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22260_none_56e5cff4ce99d4f2.manifest
File versionNot Applicable
File size3,912
Date (UTC)09-Sep-2008
Time (UTC)06:21
File nameIa64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22260_none_cd6ed30843d7259c.manifest
File versionNot Applicable
File size127,657
Date (UTC)09-Sep-2008
Time (UTC)06:23
File nameIa64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22260_none_b36875717fb28e89.manifest
File versionNot Applicable
File size6,265
Date (UTC)09-Sep-2008
Time (UTC)06:24
File namePackage_1_for_kb957624~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size2,237
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_2_for_kb957624~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size2,694
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_3_for_kb957624~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size2,694
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_sc_0~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size1,425
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_sc~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size1,426
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_server_0~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size1,429
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_server~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size1,434
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_winpesrv_0~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size1,426
Date (UTC)09-Sep-2008
Time (UTC)18:14
File namePackage_for_kb957624_winpesrv~31bf3856ad364e35~ia64~~6.0.1.0.mum
File versionNot Applicable
File size1,433
Date (UTC)09-Sep-2008
Time (UTC)18:14
File nameWow64_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22260_none_bd5771d4bb59ff27.manifest
File versionNot Applicable
File size2,730
Date (UTC)09-Sep-2008
Time (UTC)06:04
File nameWow64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22260_none_33e074e830974fd1.manifest
File versionNot Applicable
File size71,155
Date (UTC)09-Sep-2008
Time (UTC)06:05
Back to the top | Give Feedback

Properties

Article ID: 957624 - Last Review: October 8, 2011 - Revision: 2.0
APPLIES TO
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Basic 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Business
  • Windows Vista Business 64-bit Edition
  • Windows Vista Enterprise
  • Windows Vista Home Basic
  • Windows Vista Home Premium
  • Windows Vista Ultimate
  • Windows Server 2008 Datacenter without Hyper-V
  • Windows Server 2008 Enterprise without Hyper-V
  • Windows Server 2008 for Itanium-Based Systems
  • Windows Server 2008 Standard without Hyper-V
  • Windows Server 2008 Datacenter
  • Windows Server 2008 Enterprise
  • Windows Server 2008 Standard
Keywords: 
kbautohotfix kbexpertiseadvanced kbfix kbqfe KB957624
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top