Hello.
I written a TMG rule that can let cell phone use specific protocols :
Image may be NSFW.
Clik here to view.
Cell phones can't Open Web pages and use Instagram but when they use VPN Everything is OK.
What is your idea?
Hello.
I written a TMG rule that can let cell phone use specific protocols :
Image may be NSFW.
Clik here to view.
Cell phones can't Open Web pages and use Instagram but when they use VPN Everything is OK.
What is your idea?
Hi,
We have a 2 server TMG 2010 Array SP2 Rollup5. At the moment we have windows integrated NLB enabled. We are about to disable NLB and implement DNS Round Robin. The DNS servers will have a Host A Record with the FQDN for name of the Array for each array node IP address. I know that with Round Robin enabled (by default) the DNS server will rotate the IP addresses that it provides to clients attempting to resolve the array name, to spread the load evenly across the array servers. The question I have is - is there anything that specifically needs to be done on the TMG servers to compliment the DNS Round Robin process.
many thanks in advance
Hi,
We have a customer using Exchange and TMG 2010 in the production environment, and they have purchased the extended support license option for this installation. They also have an Exchange installation for testing and development, but no TMG server since the services weren't published externally.
They are now looking at configuring the test environment so it can be used as pilot/test for mobile device management. If possible, how do we go about licensing a TMG server in this test environment if we need to publish services to the internet?
Hi
I have a URL http://docs.sdl.com/LiveContent/content/en-US/API%20references%20for%20SDL%20Xopus-v311/GUID-4F2C6B13-8DAA-48A8-9C88-35594917DDBC
that the TMG shows me only the code HTML and not the web as it
is correct.
The URL is excluded from malware scanner, http compression disabled.
TMG 2010 v.7.0.9193.644
What can I watch?
Regards!!!
Hello
We have sccm r2 environment, i tried to create custom report but report builder require to enter data source credentials to continue but an error message popup " unable to connect to data source- The certificate chain was issued by an authority that is not trusted ".
I checked test connection and its working fine. I have created many reports before but i changed administrator password after that.
Regards,
Hello
If I change the server the TMG, I can migrate license.
Thank you
Hugo Monge
Hello,
I use TMG 2010 on Windows 2008 R2 Standard.
On TMG I have three NIC:
TMG running in ISP redundancy mode (load balancing).
A problem: I can't ping the secondary NIC3 IP (91.xxx.xxx.3) from outside. I can ping 178.xxx.xxx.66, i can ping 91.xxx.xxx.2 without any problem, but I can not ping the 91.xxx.xxx.3...
Okay. I start some experiments. I connect another computer with 91.xxx.xxx.5 in the ISP2 provider switch and can ping from 91.xxx.xxx.5 to 91.xxx.xxx.3 and vice versa without any troubles.
Next step. I install Network Monitor on TMG and can see the interesting thing: the reply packet from 91.xxx.xxx.3 is sending throw the NIC2 interface.
I check the Weak Host Send on all interfaces - it is turned off. I decrease NIC2 metric - the result is the same...
Can anybody give me some ideas how to fix this?..
Hi,
I have install TMG version 7.0.8108.200 and configure it for https inspections, i can block facebook, when i have try to block youtube using domain set or url set , categories or categories set i have not succeed.
Also i have try to block the video on it and the flash using the content type but same.
Any way to block the youtube or at least the video steaming on it.
thanks in advance.
Hi Experts,
We have recently migrated to office365 therefore our client needs to access https://login.microsoftonline.com portal and it’s all application like SharePoint we feel that something is wrong when accessing this portal or Microsoft TechNet site time out errors, slowness and browser hanging issues so we check internet speed all fine all other sites like daily motion, Facebook all are working fine.
We also checked logging (From TMG) that anything blocking but nothing is blocking.
Our Setup (Scenario)
Client Configuration:
IP : 10.1.x.x
Mask : 255.255.0.0.
Gateway : 10.1.0.1 (Router IP)
DNS 1 : 10.1.0.50 (Domain Controller)
DNS 2 : 10.11.0.24 (Domain Controller)
DNS Configuration:
Active Directory Integrated DNS Server
Forwarding set :
8.8.8.8 (Google Public DNS)
10.11.0.24 (Domain Controller)
TMG Server Configuration:
Edge Firewall
Internal network
IP : 10.1.x.x
Mask : 255.255.0.0.
Gateway : 10.1.0.1 (Router IP)
DNS 1 : 10.1.0.50 (Domain Controller)
DNS 2 : 10.11.0.24 (Domain Controller)
External network
IP : 10.6.0.3
Mask : 255.255.0.0.
Gateway : 10.6.0.1 (Router IP)
DNS 1 : 10.1.6.0.1 (Router IP)
Hi Members,
We have Office365 and SharePoint Site Can I Publish My this SharePoint Site on TMG Server as Publishing Exchange and Sites.
Hi guys.
Unable to add NPS role on server.
We would like to reinstall TMG.
bostjanc
TMG installed.
we see errors under SYSTEM event viewer: "Unable to add the interface with the Router Manager for the IPV6 protocol"
TCP/IP->IPV6 checkbox under LAN and WAN is unticked.
RRAS settings for IPV6 are on printscreen
Image may be NSFW.
Clik here to view.
Any hints how to avoid that error?
With best regards
bostjanc
I am running Server 2012 R2 with Exchange 2013 SP1 CU9. I am using the Exchange Server Deployment Assistant and I am at Configure Hybrid Deployment Prerequisites > Configure Exchange Web Services. I have configured my services and set the virtual directories
to use "mail.mydomain.com"
I am using article configure my TMG server. I have performed all the steps to the letter setting up for my environment.
I am now setting the properties and adding the paths. to this point every time I test the new rule it PASSES. I added autodiscover.mydomain.com and verify mail.mydomain.com are listed under Public Name tab and test the rule and it PASSES.
Then I select the paths tab and add the paths listed below and remove the default “/*” path, and then apply those changes
◦/ews/mrsproxy.svc
◦/ews/exchange.asmx/wssecurity
◦/autodiscover/autodiscover.svc/wssecurity
◦ /autodiscover/autodiscover.svc
When I test the rule it FAILS
I have verified in Powershell that the directories are correct. Any help on troubleshooting this issue would be appreciated.
I cannot run the Hybrid Wizard until I can perform the connectivity test and I cannot perform the connectivity test until the rule is in place.
Please assist if you can
Thank you
Steve
Hey guys,
We have a VOIP system added to our network.
We can call just perfectly but sometimes we seem not to be reached.
We contacted our VOIP provider and they said we need to check the UDP Idle Timeout.
We have some network engineers working on the router, but i would like to double check the TMG to be sure.
Can we manage the UDP Idle timeout timers in TMG 2010?
With kind regards, René de Meijer. MIEGroup.
Hi
I have TMG 2010 SP2 on Windows Server 2008 R2, I downloaded RU5 and Try to install but when is installing the setup freeze on status "Creating the services Configuration..."I letit run
for 5 hoursbut does not changethe state.
Before install RU I installed all critical updates for Operating System and Disable AV (Symantec)Image may be NSFW.
Clik here to view.
Any ideato solvethis problem?
Thanks.
Hi All,
I have interesting issues with an ISA 2006 SP1 to TMG2010 SP2 RU5 migration installed on 2008R2 Standard Edition. It is part of a migration /upgrade project. The TMG server is prepped and installed with the TMG software and imported the ISA configuration followed by repairing the Cert and Networking issues as the new server has a new FQDN and new set of DMZ and Production IP addresses. Initial testing has gone well and can confirm that all the web listeners are working and routing to the correct destinations. I have stumbled across an issue that I am trying to resolve with VPN. VPN is configured on the TMG and understand the RRAS is controlled by the TMG software. I have a Static IPV4 Address pool assigned and from the looks of things it all looks okay except that the Internal interface on the RRAS setting do not get an IP address assigned and remains IP Address = "Not Available" , Operational Status = "Non-Operational" , Administrative Status = "Unknown". I have also noticed that when I do a IPCONFIG /All , I don't see an "PPP adapter RAS Server" at all. I have removed the RRAS Role , with NPS and ran through the TMG Prep that reinstalls the Server Roles and Features , followed by a repair of the TMG software , however it does not cure the problem. I have been doing a lot of research and forums suggest the checking the ports GRE and the other ports. Note that L2TP and PPTP is enabled as default on ISA and these settings were migrated to the TMG. the Experience from a user using WIN7 with the standard WIN VPN comes back with an error 789 and expected as the current TMG VPN does not look like it is fully operational.
Any steer or guidance on this topic will greatly be appreciated.
Thanks
Deon
Deon MS Forum
Sorry this is long, but trying to get as much info into the initial post.
Basic configuration: Windows 2008 R2 server running TMG 2010 acting as passthrough (not NAT) router and firewall for an internally hosted application. External network of TMG is on our intranet; perimeter network hosts a W2K8R2 server running Terminal Services; internal network has DCs and certificate server for the environment. A few other servers for database, FTP and file services.
Users connect via secure RDP from outside the environment though TMG to Remote Desktop server. Once on that server they do various tasks, including download of data from secure FTP sites (over https) on our intranet.
Three main issues, which we believe are related and caused by TMG, but not able to find a root cause. These started approximately 1 month ago, but cannot see a connection with any changes in the environment or patches in May:
1. intermittent issues establishing RDP connection from clients on our intranet to the Remote Desktop server. Can fail when initially try to connect (generic "This computer can't connection with the remote computer" message). Sometimes they can get to enter their credentials, but then next stage when certificate for the secure connection is being checked they get same message and can't connect. In both instances within TMG log we see a Failed Connection with "The Object is shutting down" as the error message. Searching for help on this error message just comes back with lists of all the error messages on TMG and nothing useful to indicate what is actually shutting down. If they do make the connection it is stable - no reported dropouts or reconnections.
We have verified that making an RDP connection from the TMG to Remote Desktop server works each time, every time (and that a connection from outside the environment immediately after fails). Users working with the database and other internal FTP/file servers do not report any issues accessing these - all the issues seem to be with connection in to and out of the environment.
2. intermittent issues accessing externally hosted secure FTP sites from the Remote Desktop server to download data. These sites are accessible with no issues from outside the environment. Users have to authenticate with a smart card, select an option for the service they want and then either get to the FTP portal or get a "Service Unavailable" message (even though the service is definitely working). No Failure messages on the TMG. Again, once they do manage to get connected (which can take up to an hour after numerous attempts), connection is stable but can be slow.
3. intermittent issues accessing MS Exchange on our intranet from Outlook client running on the Remote Desktop server. Failed Connection message on the TMG for this https connection is "A socket operation was attempted to an unreachable network".
All the servers are VMs running on a single VMware ESXi 5.5 host. VMs have VMXNet3 NICs, so communicate at 10G between themselves. Physical NICs on host are 1G. There are many other VMs on the same host but no reported issues with any of these. The TMG and Remote Desktop VMs have sufficient CPU/memory, etc. with reservations set. The host has sufficient host and CPU.
We have run Wireshark from the client and Network Monitor on the TMG. In both we can see when making RDP connection you get Syn from client, Ack/Syn from RD, Ack from client, X224 request from client and then an Ack/Reset apparently from RD, but we are not seeing anything on the RD server indicating anything reaching it for the connection.
Can anyone make any suggestion on where to look next?
TIA