Symptoms
Consider the following scenario:
-
You have a computer that is running Windows 7. The EnableAuthEpResolution policy in the following registry subkey is enabled on the computer:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\RPC
-
You establish a VPN connection to an internal network through Microsoft Internet Security and Acceleration (ISA) Server 2006.
-
You access the internal network by using the VPN connection.
-
You use a Microsoft Exchange Server Messaging API (MAPI) client to try to connect to an Exchange server on the internal network. For example, you use Outlook to try to connect to the Exchange server.
In this scenario, the MAPI client does not connect to the Exchange server. Therefore, you cannot send or receive mail.
Cause
This issue occurs because the EnableAuthEpResolution policy is a part of the Group Policy object (GPO) for RPC EndPoint Mapper Client Authentication. When the EnableAuthEpResolution policy is enabled, ISA Server drops the packet that has WSA_RWS_CONNECTION_KILLED. Therefore, the ISA remote procedure call (RPC) filter drops connections that are in an RPC protocol violation.
Resolution
To resolve this issue, install the hotfix rollup package that is described in the following Microsoft Knowledge Base (KB) article:
2475184 Description of the ISA Server 2006 hotfix package: December 2010
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Workaround
To work around this issue, change the value of the following registry key to 0 on the computer that is running Windows 7:
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\EnableAuthEpResolution
References
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
