All,
we have a very strange issue here. Our environment: We use TMG 2010 (latest SP and update rollups) on Server 2008 R2 (non-domain joined) as a simple firewall without any webproxy settings to protect our internal network against a datacenter network which hosts our SAP server. I disabled any flood mitigation settings and NIS. The network relationship is Route. Sporadically single IP addresses suddenly stops the connection to the SAP hosts. You cannot ping any of the hosts in the datacenter from this single IP address. Doing a tracert to one of the SAP hosts seems to release a kind of blocking state for this síngle IP address and after that everything works fine. We cannot reproduce this behaviour. The described blocking state doesn´t get released by itself, even for days.
I also configured the registry parameter as shown in http://support.microsoft.com/kb/2596065, no success. You cannot see any denied access things in the Logging.
Any kind of input is greatly appreciated.
Thanks
Volker