Microsoft KB Archive/934430

From BetaArchive Wiki
Knowledge Base


Network connectivity may fail when you try to use Windows Vista behind a firewall device

Article ID: 934430

Article Last Modified on 9/26/2007


APPLIES TO

  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Basic 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Business
  • Windows Vista Business 64-bit Edition
  • Windows Vista Enterprise
  • Windows Vista Home Basic
  • Windows Vista Home Premium
  • Windows Vista Starter
  • Windows Vista Ultimate


SYMPTOMS

When you try to use a Windows Vista-based computer behind a firewall device, network connectivity may fail. When network connectivity fails, you may see the following symptoms:

  • Programs may respond slowly.
  • Programs may stop responding.

For example, any of the following programs may be affected by this problem:

  • Microsoft Outlook or Windows Mail
  • A Web browser, such as Windows Internet Explorer 7
  • Remote Desktop Connection (RDC)
  • File sharing


CAUSE

This issue may occur if the following conditions are true:

  • You try to make a non-HTTP network connection.
  • The firewall device has a problem with its implementation of the TCP Window Scale Option that is defined in Internet Engineering Task Force (IETF) Request For Comments (RFC) 1323.

By default, the Receive Window Auto-Tuning feature in Windows Vista uses a Window Scaling factor of 8 for non-HTTP connections. This issue does not occur when you try to make an HTTP connection.

WORKAROUND

To work around this issue, use one of the following methods:

  • Run the Internet Connectivity Evaluation Tool. The Internet Connectivity Evaluation Tool checks your Internet router to see whether it supports certain technologies. The tool is intended to be run from a home network behind a home Internet (NAT) router. Running this tool from behind a corporate firewall or on operating systems other than those specified in the "Applies to" section will not produce accurate results. This tool requires administrator credentials to run. For more information, visit the following Microsoft Web site:

    http://www.microsoft.com/windows/using/tools/igd/default.mspx

  • Manually determine whether Windows Scaling is being handled incorrectly by the firewall device. To do this, follow these steps:
    1. Click Start[GRAPHIC: Start button], click All Programs, click Accessories, and then click Command Prompt.
    2. At the command prompt, type the following command, and then press ENTER:

      netsh interface tcp set global autotuninglevel=disabled

      This command disables the Receive Window Auto-Tuning feature.
    3. Try to make a non-HTTP network connection.

      Note If the connectivity problem is resolved, contact the manufacturer of the firewall device for steps to correct the issue.
    4. At a command prompt, type the following command, and then press ENTER:

      netsh interface tcp set global autotuninglevel=normal

      This command enables Receive Window Auto-Tuning again so that you can take advantage of the increase in network throughput performance that this option provides

For information about how to contact the manufacturer of the firewall device, click the appropriate article number in the following list to view the article in the Microsoft Knowledge Base:

65416 Hardware and software vendor contact information, A-K

60781 Hardware and software vendor contact information, L-P

60782 Hardware and software vendor contact information, Q-Z


Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

MORE INFORMATION

The following list describes some firewall devices that may experience this issue together with the cause of the issue on the device:

  • Linksys RV series (RV042, RV081, RV-16)
  • NetApp Cache Appliances NC 6.0.2 or an earlier version


The TCP splicing feature may not work together with the Window Scaling feature in Windows Vista. By default, the TCP splicing feature is enabled on NetApp Cache Appliances NC 6.0.2 or on an earlier version.

  • Cisco PIX 6.1(5), Cisco PIX 6.2(3), and Cisco PIX 6.3(1)


These devices do not support the Window Scaling feature in Windows Vista.

  • Cisco IOS Software Release


Cisco IOS Software Release 12.3(15) and later versions of this software support the Window Scaling feature in Windows Vista.

  • Sonicwall


The Window Scaling feature in Windows Vista may not work if you enable either of the following features on a Sonicwall firewall device:

    • Strict TCP Enforcement Option
    • Enforce strict TCP compliance with RFC 793 and RFC 1122
  • Checkpoint NG R55


To work around this issue, disable the Sequence Verifier Enforcement feature.

For more information about the Receive Window Auto-Tuning feature in Windows Vista, visit the following Microsoft Web site:

http://www.microsoft.com/technet/technetmag/issues/2007/01/CableGuy/default.aspx


The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

Keywords: kbtshoot kbfirewall kbprb kbexpertisebeginner KB934430



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/934430&oldid=260636
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki