This issue occurs because Forefront TMG 2010 cannot parse a multi-packet response that is for the HTTPS CONNECT request and that is from the upstream proxy. Therefore, Forefront TMG 2010 does not send the response to the client computer.
When you try to create a HTTPS connection, the downstream proxy that has Forefront TMG 2010 installed forwards the HTTPS CONNECT request to the upstream proxy. The upstream proxy returns a response packet that has some additional headers. However, Forefront TMG 2010 cannot parse the response if the returned packet is split into multiple packets.
To resolve this issue, install the software update that is described in the following Microsoft Knowledge Base (KB) article:
2433623 Software Update 2 for Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates