This behavior may occur because of the TCP/IP maximum transmission unit (MTU) setting that is applied during ISA Server installation.
To prevent an attacker from changing the MTU value, ISA Server 2004 disables path MTU (PMTU) discovery. This setting is documented in Microsoft security bulletin MS05-019. To see this bulletin, visit the following Microsoft Web site:
- By default, Windows uses an MTU setting of 1,480 bytes and accepts Internet Control Message Protocol (ICMP) messages that request smaller packet sizes.
- If MTU discovery is disabled on a Windows-based server, the server uses an MTU setting of 576 bytes.