You have Microsoft Forefront Threat Management Gateway (TMG) 2010 installed on a server that has several IP addresses on an external network adapter.
You have an Internal FTP client application such as a web browser that is set to use TMG as an HTTP proxy.
The client application accesses an FTP server on the external network.
You have a network rule that applies to the FTP traffic of the client application that is set to a nondefault local IP address in the Use the specified IP address box of the NAT Address Selection option.
In this scenario, the default local IP address is used unexpectedly. You expect that the FTP connection would use the IP address that you specified in the Use the specified IP address box of the NAT Address Selection option.
Note The specified IP address is used as expected when you access an HTTP site by using the TMG server as the proxy server.
To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates