FredrikP
New Member
February 18, 2014
Question

Traffic being blocked, "org dir, ack in state syn_sent, drop"

Hi!

We have a setup at a customer which looks like this:

[FGT80C, Site1]---(IPSec VPN tunnel)---[FGT80C, Site2]---[FGT100D, Site3]

So there are two FGT80C connected through an IPSec VPN tunnel, and the middle FGT80C is connected to a 100D cluster (which contains 4 units in two locations). All servers reside in site 3, with the exception of the DCs which are in site 2. The FGT80C's are running 4.0 MR3 Patch 15, and the 100D cluster is running 4.0 MR3 Patch 11.

The problem is that when a user in site 1 opens Outlook, Outlook is unable to connect to the Exchange server. Nothing shows up in the logs in site 1 and 2, but in site 3, the logs show this error message:

"org dir, ack in state syn_sent, drop"

Routing and policies have been tested and verified. Fortinet support suggests disabling auto-replay, but I'm trying to figure out why this error occurs rather than just applying an easy fix that potentially exposes the customer to a SYN-attack.

Any ideas?