Microsoft KB Archive/934430

= Network connectivity may fail when you try to use Windows Vista behind a firewall device =

Article ID: 934430

Article Last Modified on 9/26/2007

-

APPLIES TO


 * Windows Vista Enterprise 64-bit Edition
 * Windows Vista Home Basic 64-bit Edition
 * Windows Vista Home Premium 64-bit Edition
 * Windows Vista Ultimate 64-bit Edition
 * Windows Vista Business
 * Windows Vista Business 64-bit Edition
 * Windows Vista Enterprise
 * Windows Vista Home Basic
 * Windows Vista Home Premium
 * Windows Vista Starter
 * Windows Vista Ultimate

-



SYMPTOMS
When you try to use a Windows Vista-based computer behind a firewall device, network connectivity may fail. When network connectivity fails, you may see the following symptoms:
 * Programs may respond slowly.
 * Programs may stop responding.

For example, any of the following programs may be affected by this problem:
 * Microsoft Outlook or Windows Mail
 * A Web browser, such as Windows Internet Explorer 7
 * Remote Desktop Connection (RDC)
 * File sharing



CAUSE
This issue may occur if the following conditions are true:
 * You try to make a non-HTTP network connection.
 * The firewall device has a problem with its implementation of the TCP Window Scale Option that is defined in Internet Engineering Task Force (IETF) Request For Comments (RFC) 1323.

By default, the Receive Window Auto-Tuning feature in Windows Vista uses a Window Scaling factor of 8 for non-HTTP connections. This issue does not occur when you try to make an HTTP connection.



WORKAROUND
To work around this issue, use one of the following methods:  Run the Internet Connectivity Evaluation Tool. The Internet Connectivity Evaluation Tool checks your Internet router to see whether it supports certain technologies. The tool is intended to be run from a home network behind a home Internet (NAT) router. Running this tool from behind a corporate firewall or on operating systems other than those specified in the &quot;Applies to&quot; section will not produce accurate results. This tool requires administrator credentials to run. For more information, visit the following Microsoft Web site:

http://www.microsoft.com/windows/using/tools/igd/default.mspx

 Manually determine whether Windows Scaling is being handled incorrectly by the firewall device. To do this, follow these steps:  Click Start, click All Programs, click Accessories, and then click Command Prompt. At the command prompt, type the following command, and then press ENTER:

netsh interface tcp set global autotuninglevel=disabled

This command disables the Receive Window Auto-Tuning feature. Try to make a non-HTTP network connection.

Note If the connectivity problem is resolved, contact the manufacturer of the firewall device for steps to correct the issue. At a command prompt, type the following command, and then press ENTER:

netsh interface tcp set global autotuninglevel=normal

This command enables Receive Window Auto-Tuning again so that you can take advantage of the increase in network throughput performance that this option provides</ol> </li></ul>

For information about how to contact the manufacturer of the firewall device, click the appropriate article number in the following list to view the article in the Microsoft Knowledge Base:

65416 Hardware and software vendor contact information, A-K

60781 Hardware and software vendor contact information, L-P

60782 Hardware and software vendor contact information, Q-Z

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

<div class="moreinformation_section">

MORE INFORMATION
The following list describes some firewall devices that may experience this issue together with the cause of the issue on the device:
 * Linksys RV series (RV042, RV081, RV-16)
 * NetApp Cache Appliances NC 6.0.2 or an earlier version

The TCP splicing feature may not work together with the Window Scaling feature in Windows Vista. By default, the TCP splicing feature is enabled on NetApp Cache Appliances NC 6.0.2 or on an earlier version.
 * Cisco PIX 6.1(5), Cisco PIX 6.2(3), and Cisco PIX 6.3(1)

These devices do not support the Window Scaling feature in Windows Vista.
 * Cisco IOS Software Release

Cisco IOS Software Release 12.3(15) and later versions of this software support the Window Scaling feature in Windows Vista.
 * Sonicwall

The Window Scaling feature in Windows Vista may not work if you enable either of the following features on a Sonicwall firewall device:
 * Strict TCP Enforcement Option
 * Enforce strict TCP compliance with RFC 793 and RFC 1122
 * Checkpoint NG R55

To work around this issue, disable the Sequence Verifier Enforcement feature.

For more information about the Receive Window Auto-Tuning feature in Windows Vista, visit the following Microsoft Web site:

http://www.microsoft.com/technet/technetmag/issues/2007/01/CableGuy/default.aspx

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

Keywords: kbtshoot kbfirewall kbprb kbexpertisebeginner KB934430

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.