- You configure an Internet Protocol Security (IPsec) VPN site-to-site tunnel or a Point-to-Point Tunneling Protocol (PPTP) VPN site-to-site connection between a Microsoft Forefront Threat Management Gateway (TMG) 2010 multiple-member array deployment and another site. And, you can successfully access resources through the tunnel.
- You enable integrated network load balancing (NLB) on the TMG 2010 array.
- You try to access resources in another site.
Note The scope of this problem is actually larger than IPsec site-to-site VPN. The problem that is described here may occur in any array-based TMG 2010 deployments for which integrated NLB is enabled when NLB WMI events such as node convergence are triggered. Site-to-site VPN that has NLB enabled is the most visible example.
Service pack informationThis problem is fixed in Forefront TMG 2010 Service Pack 1.
For more information about how to obtain Forefront TMG 2010 Service Pack 1, click the following article number to view the article in the Microsoft Knowledge Base:
Update informationTo resolve this problem, follow these steps:
- Apply the update for Forefront TMG 2010 that is available from the Microsoft Download Center:
Download the Update for Forefront TMG 2010 (KB 980674) package now.
For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:119591 How to obtain Microsoft support files from online servicesMicrosoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
- Restart the computer that is running Forefront TMG 2010.