Hi there,
We have a strange issue with some clients trying to connect to a mail server in a remote site.
We have two sites (A & B), both secured with TMG and connected via S2S VPN. Those sites have different AD domains (A & B) with a two-way trust.
When a notebook from domain A is located at site B, it's configured via DHCP so it uses TCP/IP settings from site B. If this notebook (or the user in front of it ;-)) tries to connect to the mail server at site A via HTTPS (used for Exchange EWS), no connection can be established.
The strange thing is: if a computer from domain B (located at site B and configured with TCP/IP settings from site B) tries the same thing, everything works fine.
I already had a closer look at the TMG log and I can see a lot of rejected connections. TMG is giving the following error message:
“a non-syn packet was dropped because it was sent by a source that does not have an established connection with the TMG server computer”
Does anyone have an idea?
Regards
Thomas H.