Quantcast
Channel: Forefront TMG and ISA Server forum
Viewing all 3822 articles
Browse latest View live

TMG 2010 network adapter losing connectivity after application of MS updates for October 2013

November 19, 2013, 5:08 pm
$
0
0

Shortly after we applied the Microsoft October 2013 updates to our TMG 2010 SP2 server we started experiencing loss of connectivity on our Internet facing adapter (could not longer ping the gateway etc).  A reboot would resolve the issue.  The problem kept recurring so we removed a couple of the networking related updates for October (http://support.microsoft.com/kb/2888049 ) and (http://support.microsoft.com/kb/2882822 ) as a test.  After these were removed the problem stopped.

We inadvertently reapplied these two updates during the November 2013 update cycle and the problem happened again. We removed the updates and everything is back to normal.

Just wondering if anyone else has applied these two updates to their TMG 2010 SP2 server and experienced any unusual issues?

Thanks

Search

TMG Stops responding any request, internal or external, even its own internet connection is lost

August 9, 2015, 3:05 am
$
0
0

Hello all,

I have  a TMG 2010 SP2 RU5 server running on Hyper-V (Server 2012 R2). Once in a while, not longer than 2-3 weeks, TMG stops responding to any request. It has direct connection to internet with its public IP setup interface. But even TMG itself cannot connect to the internet when the problem happens. That results in unability to do its NATting, Publishing and VPN duties.

All firmware and drivers are up to date on the hardware.

Issues were there since the first install date, which started with 2010 SP2 RU4.

The worst part is, restarting the server is not a solution. I have to uninstall and reinstall some TMG Rollups to resolve the issue. But since I am fed up with the problem, I take snapshots  regularly and I switch back to the latest when I have the issue.

Any suggestions on this?

Thanks.

Access "https://www.smsb.ae:1117/" - this website to run through TMG 2010

August 11, 2015, 12:07 am
$
0
0
I want to allow  "https://www.smsb.ae:1117/" - this website to run through TMG 2010 . Please guide me to the steps to do in Tmg for this.

TMG Logging Status - Disconnected

December 29, 2011, 3:55 am
$
0
0

Hi folks,

Our TMG 2010 (SP2) installation is configured using default settings for Firewall & Web Proxy Logging. However, we are seeing the Log Status as being 'disconnected'. We are logging to the default folder which just appears to contain .llq files. Could someone please point me in the right direction to begin troubleshooting this issue as we are hoping to move this installation on to our live network as soon as possible?

 

Many thanks,

 

JP

Edge hijack

August 11, 2015, 11:01 am
$
0
0

when i open Edge, goes to a page "softwareupdateproduct.com and locks out everything except an OK button to update software.

I have to use task manager to close Edge.

TMG and Google Hangouts

August 12, 2015, 2:58 am
$
0
0

Hello,

I'd like to ask if anyone of you has similar problem: 

We're using TMG 2010 and now we're testing Google Hangouts in our network. TMG is our outbound proxy. Shortly after strarting a meeting (30 sec up to 1 minute) we get a Hangout error #51 ("try again later") or there is a black screen with "Call has ended" information.  We had no luck when searching through TMG logs - nothing seems to be blocked and we've not added any Google IP, URL or Netblocks to be blocked. Popular browsers were tested (IE, Chrome, FF,  Opera, Safari) with the same results. On other network everything works just fine (without TMG), but other test TMG proxy shown same results. Funny thing is that when testing directly on TMG server - Hangouts work like a charm. For the tests purpose we also allowed all Outbound traffic with no luck.

Any thoughts / ideas on this? 

TMG on 2008R2 - not showing PPP adapter RAS Server affecting VPN

August 13, 2015, 6:18 am
$
0
0

Hi All,

I have interesting issues with an ISA 2006 SP1 to TMG2010 SP2 RU5 migration installed on 2008R2 Standard Edition. It is part of a migration /upgrade project. The TMG server is prepped and installed with the TMG software and imported the ISA configuration followed by repairing the Cert and Networking issues as the new server has a new FQDN and new set of DMZ and Production IP addresses. Initial testing has gone well and can confirm that all the web listeners are working and routing to the correct destinations. I have stumbled across an issue that I am trying to resolve with VPN. VPN is configured on the TMG and understand the RRAS is controlled by the TMG software. I have a Static IPV4 Address pool assigned and from the looks of things it all looks okay except that the Internal interface on the RRAS setting do not get an IP address assigned and remains IP Address = "Not Available" , Operational Status = "Non-Operational" , Administrative Status = "Unknown". I have also noticed that when I do a IPCONFIG /All , I don't see an "PPP adapter RAS Server" at all. I have removed the RRAS Role , with NPS and ran through the TMG Prep that reinstalls the Server Roles and Features , followed by a repair of the TMG software , however it does not cure the problem. I have been doing a lot of research and forums suggest the checking the ports GRE and the other ports. Note that L2TP and PPTP is enabled as default on ISA and these settings were migrated to the TMG. the Experience from a user using WIN7 with the standard WIN VPN comes back with an error 789 and expected as the current TMG VPN does not look like it is fully operational.

Any steer or guidance on this topic will greatly be appreciated.

Thanks

Deon

Deon MS Forum



How to find if Microsoft ISA server (Proxy Server) is using X Forwarded or if they are configured to mask all the internal IPs.

August 16, 2015, 3:57 am
$
0
0

Hi

We use Microsoft ISA server as Proxy servers for two group of users within our network and my predecessors had set up these servers in the past. Our networking team are asking me, if these proxies are using X Forwarded or if they are configured to mask all the internal IPs.

I am not familiar with Microsoft ISA, please can you provide some tutorials as how to find whether these proxies are using X Forwarded or if they are configured to mask all the internal IPs.

Thanks in advance.
Search

Some TMG protocols not worked properly.

August 16, 2015, 12:06 am
$
0
0

Hello.

I written a TMG rule that can let cell phone use specific protocols :

Cell phones can't Open Web pages and use Instagram but when they use VPN Everything is OK.

What is your idea?

When I search in Google Image, I just see two rows and other photos are gray :(

August 17, 2015, 5:54 am
$
0
0

Hello.

Google image can't show all photos to me and I want to know can it because of TMG? 

Thank you.

Block Yotube site

May 21, 2015, 8:56 pm
$
0
0

Hi,

I'm using TMG 2010, but somehow I cannot block Youtube site. I can block the http://youtube.com, but user still can open when they type http(s)://youtube.com

please help

Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Krisna Ismayanto | My blogs: Krisna Ismayanto | Twitter:@ikrisna

Is it mandatory to set Password Never Expire of TMG service Account in Standalone Array in WorkGroup Environment.

August 18, 2015, 8:51 am
$
0
0

Hello  Experts,

We have TMG Forefront Stand Alone Array configured in a workgroup environment. The array contains 2 servers configured with NLB. We have set up a TMG service account which sychs the configuration data between nodes.

We have been asked to periodically change the passwords of TMG service account on both the servers however I personally feel that its not a good Idea to change the password periodically as I followed the following article from Richard Hicks( But this article is for the TMG setup in Domain environment whereas our TMG setup is in Workgroup environment).

http://www.isaserver.org/articles-tutorials/configuration-general/Forefront-Threat-Management-Gateway-TMG-2010-Web-Proxy-Client-Redundancy-Deep-Dive-Part3.html

Please suggest if we should :

1. Periodically change the password of Service account?  OR

2. Must set the Password of TMG service Account as "Never Expires"

Thanks & Regards

Lalit

Regards Lalit

how to block yahoo mail and gmail in TMG 2010

December 30, 2012, 12:18 am
$
0
0

Hi everyone

Recently I have configured a TMG 2010 in my network and now my boss wants to block all web email access specially yahoo mail and gmail ?

I tried URL filtering and IP filtering but it is not working , my clients still can use yahoo mail and gmail from the main page of yahoo and google .

If any one has any experience or solution for my problem please kindly let me know .


Forefront TMG was unable to establish an SSL connection

August 19, 2015, 6:09 am
$
0
0

Hello All,

I have a TMG server connects with the Sharepoint web page.

Once in a while I am getting page can not be displayed error to the https URL were as the URL without TMG is working fine. So I am sure the error is only with TMG.

Error Message:

Forefront TMG was unable to establish an SSL connection with 10.175.221.26. The
handle specified is invalid

Please let me know if any one has Idea,

Thanks

Karthi

TMG 2012 web error sometimes

June 18, 2015, 12:30 pm
$
0
0
Hi, I'm using TMG 2010 in my work network, we have 1 dc and 5 computers.

My problem is this: SOMETIMES I can't access to differents web (not anyone in special) from users computers or servers. I tested connecting the computers direct to the modem and the problem dissapears, also from the TMG server I don't that that problem.
It's just sometimes not always and if I refresh the page it connects sometimes.

Can someone give me an idea of what could be wrong?
Search

TMG Client Settings refresh issue

August 19, 2015, 4:57 am
$
0
0

Hi,

I have two TMG servers with standalone array. TMG01 and TMG02 with network loadbalancing. 

The problem is when i configure TMG client settings on TMG server. The settings instantly reflect on windows 8 server having a TMG client. But the settings on windows 7 in TMG client does not reflect instantly. I have to Click on TMG client and press the Test Server button on TMG Clients under settings tab.  Please help me.

See the Fig. Where i am performing the changing.

Faisal 

Not sending e-mails through TMG 2010

August 20, 2015, 8:10 am
$
0
0

Hi everyone ,

An e-mails were working fine with the direct internet access but when the TMG implemented as a proxy server and all the clients are connected by this proxy , the e-mails can not send or receive ; in addition we can not establish telnet session from the client side even we created TMG rule to allow accessibility from internal network to external network and the set domain including the name of domain mail ! by e-mail protocol SMTP ,IMAP,POP ,DNS,.... so on

so my question is shall we need to create any additional  TMG rule to allow this traffic

Edward

A packet was dropped because Forefront TMG determined that the source IP address is spoofed.

August 23, 2015, 1:10 am
$
0
0

Hello community, i have problem with my TMG 2010 (ver. 7.0.9193.644).

I have same of the local network (it's a VLAN for management HP switch), so i make route for this VLAN, and add this VLAN in Internal networks in TMG console...but everytime i have error:

I'm read this solution...first - second - make all...and nothing...

can u help me please?

TMG network configuration

August 23, 2015, 4:40 am
$
0
0

Hi

I have windows server 2012 r2 on my physical PC and Hyper-v role activated. In virtual switch manager I created 2 virtual networks Internal and External. Forefront TMG with 2 network adapters is running on one of my VM on hyper-v on windows server 2008 r2, I need network configuration for those 2 adapters

How to disable RC4_128_SHA and RC4_128_MD5 in TMG2010?

August 24, 2015, 1:23 am
$
0
0

Hi there.

We would like to disable this two ciphers in TMG 2010.

TLS_RSA_WITH_RC4_128_SHA (0x5)
TLS_RSA_WITH_RC4_128_MD5 (0x4)

We have already tried with adding a key: RCK 128/128 subkey in registry, and then DWORD: DisabledByDefault (1).

But that doesn't disables it.

bostjanc

Viewing all 3822 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>