Hello,
I have the following setup and problem:
2 offices with site-to-site IPSec VPN. Branch office has TMG 2010 SP2 installed used as edge firewall and main office has Cisco router. I created the VPN based on the following article: http://www.carbonwind.net/ISA/CiscoVPN/CiscoRouterISAVPN.htm. Only difference is that I use certificate, not a shared password.
Everything works as a charm - DNS, AD, RDP, pings, etc.
Issues I have are the following:
From branch office, domain joined computers cannot connect to SQL server over 1433 and to sharepoint site running on port 81. What I see when I turn on logging on TMG is:
0x80074e21 FWX_E_ABORTIVE_SHUTDOWN with Status: A connection was abortively closed after one of the peers sent an RST packet. RST packet is sent from client - this message is not red.
then I get the red message:
0xc0040017 FWX_E_TCP_NOT_SYN_PACKET_DROPPED with Status: A non-SYN packet was dropped because it was sent by a source that does not have an established connection with the Forefront TMG computer.
When connection to the SQL/SharePoint is established from a standalone computer behind the TMG, everything works as a charm.
Any ideas? I am thinking it might be related to some Application/Web filters in TMG, but I am not that sure in that.
Regards
