Error message in ISA Server 2004 when you configure an IPsec tunnel mode site-to-site VPN on an ISA Server 2004-based computer: “0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED”
Consider the following scenario:
- You configure a site-to-site virtual private network (VPN) tunnel on a Microsoft Internet Security and Acceleration (ISA) Server 2004-based computer.
- You configure the VPN tunnel by using Internet Protocol security (IPsec) tunnel mode method.
In this scenario, you may find that the IPsec tunnel connection is blocked and the following run-time error message is logged in the ISA Server log:
- You have installed Microsoft Windows Server 2003 Service Pack 1.
- The frequency of this error message depends on the parameters of the IPSec tunnel mode configuration.
- The error message occurs even if you disable the IP Spoof Detection feature.
For more information about how to disable IP Spoof Detection feature, click the following article number to view the article in the Microsoft Knowledge Base:
838114 (http://support.microsoft.com/kb/838114/) How to disable the IP Spoof Detection feature in Microsoft ISA Server 2004
For more information and solution, check out: http://support.microsoft.com/default.aspx?scid=kb;en-us;917025&sd=rss&spid=2108#top
Thomas W Shinder, M.D.
MVP — ISA Firewalls