When a mixed HTTP / HTTPS web application is published through TMG, you might get stuck in an endless loop that ends with TMG dropping you because of flood mitigation.
This will only occur when certain criteria are met.
The TMG listener needs to be configured to accept connections on 80 and 443. TMG should also be configured NOT to do any HTTP to HTTPS redirection.
The publishing rule's bridging setting also needs to forward requests to 80 and 443.
This setup would then rely on the application to do the switching between HTTP and HTTPS for the relevant pages.
"In this scenario, when the Web server receives an HTTP request, it redirects the request to the TMG server as an SSL request (HTTPS). For example, http://www.contoso.com is redirected to https://www.contoso.com.
Then TMG translates SSL requests to HTTP requests and redirects it to the Web server. This causes an endless loop."
In our scenario what happened was that our session would successfully go from HTTP to HTTPS, but when we were redirected by the application down to HTTP again we would get stuck in the loop.
A trace would show the following loop
This would end with TMG dropping all requests from this client, and you would end up with an "Internet Explorer cannot display the webpage" error that would persist as long as TMG is dropping connections from that client IP.
To resolve the issue you need to explicitly define link translations for HTTP to HTTP and HTTPS to HTTPS. This seems a redundant configuration but it is required.
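To confirm this kind of loop from a client-side capture before flood mitigation starts dropping the client, the following added example (not part of the original post) finds the repeating hops in a redirect chain and reports whether they differ only by scheme. The sample trace is constructed for illustration, and the `/login` and `/home` paths and the function name are assumptions.

```python
from urllib.parse import urlsplit, urljoin

REDIRECT_CODES = {301, 302, 303, 307, 308}

# Constructed sample (not the trace from the original post):
# one (request URL, status code, Location header) tuple per hop.
SAMPLE_TRACE = [
    ("http://www.contoso.com/", 302, "https://www.contoso.com/login"),
    ("https://www.contoso.com/login", 302, "http://www.contoso.com/home"),
    ("http://www.contoso.com/home", 302, "https://www.contoso.com/home"),
    ("https://www.contoso.com/home", 302, "http://www.contoso.com/home"),
    ("http://www.contoso.com/home", 302, "https://www.contoso.com/home"),
]

def _norm(url):
    """Normalise a URL to (scheme, host, path, query) for comparison."""
    p = urlsplit(url)
    return (p.scheme.lower(), p.netloc.lower(), p.path or "/", p.query)

def find_redirect_loop(trace):
    """Return details of the first repeated request in a redirect chain, or None."""
    seen = {}  # normalised request URL -> index of the hop that first requested it
    for i, (url, status, location) in enumerate(trace):
        key = _norm(url)
        if key in seen:
            cycle = [_norm(u) for u, _, _ in trace[seen[key]:i]]
            same_resource = len({k[1:] for k in cycle}) == 1
            both_schemes = {k[0] for k in cycle} == {"http", "https"}
            return {
                "first_hop": seen[key],
                "cycle": ["%s://%s%s" % k[:3] for k in cycle],
                # True when the loop is the same page flapping HTTP <-> HTTPS
                "scheme_flip_only": same_resource and both_schemes,
            }
        seen[key] = i
        if status not in REDIRECT_CODES or not location:
            return None  # chain ended in a normal response, no loop
        # Location may be relative; resolve it and check the capture is contiguous
        expected = _norm(urljoin(url, location))
        if i + 1 < len(trace) and _norm(trace[i + 1][0]) != expected:
            raise ValueError("hop %d does not follow the Location of hop %d" % (i + 1, i))
    return None

if __name__ == "__main__":
    print(find_redirect_loop(SAMPLE_TRACE))
```
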
Thanks to Chris Lotter for figuring this out based on info from http://support.microsoft.com/kb/924373 and http://social.technet.microsoft.com/Forums/en/Forefrontedgegeneral/thread/6b58c704-7d42-4168-82e6-8fa302d5e12f