Windows XP SP2 Support

XP SP2 Issues

As already reported widely by many SSL VPN users, Windows XP Service Pack 2 (SP2) has a compatibility issue that prevents use of SSL VPN port forwarding.

Programs that connect to IP addresses that are in the loopback address range may not work as you expect in Windows XP Service Pack 2
http://support.microsoft.com/default.aspx?scid=kb;EN-US;884020

Resolutions

If your users have not updated to SP2 yet, please wait for updated post-SP2 releases.

If they already did, here are a work-around:

Create another tnlis.conf for XP SP2 that do not listen on 127.0.0.x where x is 2 or higher, which means that you map all SSL VPN connections onto 127.0.0.1 address.
Remote Desktop client on XP SP2 does not prevent a user from connecting to 127.0.0.1 if the port number is not 3389. So, this will not be a problem.

Or, you can have your users to apply an interim patch from Microsoft:
http://www.microsoft.com/downloads/details.aspx?FamilyId=17D997D2-5034-4BBB-B74D-AD8430A1F7C8&displaylang=en

If you apply this patch, you will restore the original behavior and don't need a work-around.

Updated 9/29/2004