Quantcast
Channel: Forefront TMG and ISA Server forum
Viewing all 3822 articles
Browse latest View live

SQL Server Backups are not moving to FTP server

June 10, 2019, 1:50 am
$
0
0

Hi,

Daily we are moving SQL backups from SQL server to FTP server with schedule plan with the use of Task Scheduler.

previously it was working fine but since last 1-month backup files are not moving with data to FTP server. only backup files names are moving with 0 KB.

Can you please suggest me what changes do I need to do in SQL server or FTP server.

Thanks in Advance.

Search

Forefront TMG doesnt block websites as it should / attached are reports hoping that someone can suggest or help

June 14, 2019, 5:33 am
$
0
0

Hello folks,

As far we i know we have configured our Forefront TMG the same way we had it few years ago in our old office but we had to re-install a brand new one and have it configured again from the beginning.

We installed all patches the latest ones that were available and have our TMG running on Windows Server 2008 with latest updates.

So the issue is that we added few rules for example blocking Facebook and it seems to work fine. However there are some issues that are not blocking the other websites we continued to add instagram as a long locally because we know TMG doesnt get updates now for url filtering  but it doesnt seem to block them.

When enabling https it blocks then every single website.

Is there a way someone can help us diagnosing what exacly is the issue? 

I have attached here the logs,firewall policy and the web filtering logs as well hoping that someone can see whats really happening here?

See below the links with these 3 config and log files:  https://gofile.io/?c=Ey7v1U

Here is the gpreport.html file as well hoping that it might be also a gpo issue because when im doing the gpupdate i get an error saying The processing of group policy failed....   GPOreport.html here:  https://gofile.io/?c=p3wgqR

  Thank you all

 

How to add HTTP Header Response X-Frame-Options:SAMEORIGIN from OWA published via Forefront TMG 2010 to stop Clickjacking

February 27, 2013, 7:41 pm
$
0
0
How to add HTTP Header Response X-Frame-Options:SAMEORIGIN from OWA published via Forefront TMG 2010 to stop Clickjacking. I have put the IIS setting X-Frame-Options:SAMEORIGIN  on my Internal CAS Server. However as the OWA page is published through Forefront TMG 2010, the iFrame tag is not blocked when the page is first opened. Only when you login with your credentials to the OWA page inside the frame and the page reaches IIS on the Internal CAS it gets blocked. I want to block it in the first instance when it is opened from TMG.

Clickjacking vulnerability OWA

July 5, 2013, 8:15 am

Connectivity with TMG servers in between networks

June 19, 2019, 7:28 pm
$
0
0

Hi

I've got a question about connectivity between different networks. We currently have the following networks (sites):

AzureNetwork

HQNetwork

BranchNetwork

In the past, we simply had the HQNetwork and BranchNetworks and have a TMG server at each site and a TMG site to site VPN between the two sites. All good and no issues.

We have recently been working with Azure so I've setup a network in the cloud, the AzureNetwork, and I was able to link our TMG server and the HQNetwork together with a site to site VPN.  All good.  I had a slight hiccup in that my VPN users couldn't access the AzureNetwork when they were connected to the TMG VPN but I resolved that by updating some of the network rules so that now works.

My problem now is that I'm trying to allow access from the BranchNetwork to the AzureNetwork and it's not working.  I've setup/updated what I think are the correct rules on the HQNetwork TMG server but I still can't get to the AzureNetwork from the BranchNetwork or the other way around.

Do I need to make any changes on the BranchNetwork TMG server?  

Thanks in advance

Nick

I need to find out how to allow POP3 access to an external server.

June 27, 2019, 3:48 pm
$
0
0

I need to find out how to allow POP3 access to an external server. I want to be able to download my e-mail from a POP3 e-mail account to my Outlook program. apparently Windows firwall has started blocking access to the ports.

Forefront TMG VPN Restrict simultaneous logins for same user

July 1, 2019, 2:00 am
$
0
0

HI

i need your help to solve this, i have Forefront TMG 2010 and i use VPN and have AD user connect to VPN from the TMG i want to Restrict simultaneous logins for same user, all user should connect from one device only, i have AD group for the VPN Users . thank you

Tool - Registry Compare

November 15, 2010, 6:30 am
$
0
0

Hello All,

I am looking for an way to compare system registry between 2 servers.

Can someone suggest me a easiest way / tool ?

Thank you,

 

 

Thanks Jebaz Norton
Search

Updates for ForeFront TMG (and UAG)

July 8, 2019, 7:16 am
$
0
0

Hello,

I'm looking for recent updates for Microsoft ForeFront TMG and UAG.

I have updated my TMG up to KB 2555840 (and the UAG up to KB 2861386), but I can find no way to get the remaining updates KB 2649961, KB 2689195, KB 2735208, KB 2870877 and KB 2954173 (and analogically for UAG KB 2922171 and KB 3060650).

I would appreciate some advice in that case.

Sincerely,

Lukasz

TMG 2010 denying connections

July 10, 2019, 3:52 am
$
0
0

We have a application that is struggling to connect successfully to cloud services for DNS verifications etc. Our TMG server is denying connections when logging is enabled from my local computer.

I created an access rule allowing all outbound traffic from internal to the specified range. When i launch the app from my pc, i do see successful connections however vast majority are logging the following:

I noticed that there does not seem to be a rule applicable resulting in the denied connections? Is there any other rule that i need to create to ensure successful connections?

Denied Connection
<id id="L_LogPane_LogType">Log type:</id><id id="L_LogPane_FirewallService">Firewall service</id>
<id id="L_LogPane_Status">Status: </id>A non-SYN packet was dropped because it was sent by a source that does not have an established connection with the Forefront TMG computer.
<id id="L_LogPane_Rule">Rule:</id>None - see Result Code
<id id="L_LogPane_Source">Source:</id>Internal (172.20.128.46:47314)
<id id="L_LogPane_Destination">Destination:</id>External (41.74.203.10:18095)

<id id="L_LogPane_Protocol">Protocol: </id>Unidentified IP Traffic (TCP:18095)

Denied Connection
<id id="L_LogPane_LogType">Log type:</id><id id="L_LogPane_FirewallService">Firewall service</id>
<id id="L_LogPane_Status">Status: </id>A connection was rejected because the maximum connections rate for a single client host was exceeded.
<id id="L_LogPane_Rule">Rule:</id>None - see Result Code
<id id="L_LogPane_Source">Source:</id>Internal (172.20.128.46:49560)
<id id="L_LogPane_Destination">Destination:</id>External (41.74.203.10:18409)

  • <id id="L_LogPane_BytesSent">Number of bytes sent:</id>0<id id="L_LogPane_BytesReceived">Number of bytes received:</id>0
  • <id id="L_LogPane_ProcessingTime">Processing time:</id>0ms<id id="L_LogPane_OriginalClientIp">Original Client IP:</id>172.20.128.46

TMG 2010 Timeout setting

July 31, 2019, 7:43 am
$
0
0

Hello,

We are using TMG 2010. I want to understand the difference between following timeout settings on Listener tab & when these settings are getting applied.

Forms - Advanced - Client Security Settings - Treat as Max Idle time &

Connections - Advanced - Connection Timeout

Thanks in Advance.

Accessing a web service behind a TMG Server

July 31, 2019, 8:33 pm
$
0
0

I'd like to access a SharePoint web service behind a TMG server. The TMG server requires form based authentication and I'm not able to get past that. This is what I've tried:

$user='domain\user'
$pwd=Read-Host -AsSecureString
$loginurl="https://domain.com/CookieAuth.dll?Logon"

$body = @{
    username=$user
    password=$pwd
}
$response=Invoke-RestMethod -Uri $loginurl -Method Post -Body $body
$response

I then plan to use the cookie to access the web service:

$Url = "https://domain.com/Sites/Test/_api/web/lists/GetByTitle('TestList')/items"

$header = @{

 'token' = 'TokenValueFromPreviousResponse'

}

Invoke-RestMethod -Method Post -Uri $Url -Header $header | ft

I can't get the first part working. I also had a look at this blog post but it doesn't give much details: http://sharepointificate.blogspot.com/2011/09/accessing-sharepoint-webservices-behind.html

Any help appreciated.

Monitoring TLS 1.0 / Weak Ciphers on TMG 2010

August 6, 2019, 5:48 pm
$
0
0

Hi Everyone,

Is there a way to report on or monitor TLS 1.0 / Weak Ciphers on TMG 2010 using the TMG product itself or do I need to use wireshark or Microsoft netmon?

Thanks in advance.

FF TMG 2010 on Server 2012

July 6, 2012, 11:29 pm
$
0
0

Has anyone tried successfully installing Forefront TMG 2010 on Windows Server 2012?

I tried but failed, it complained about unable to add roles and features.

Valuable skills are not learned, learned skills aren't valuable.


Creating Rule to allow whatsapp on Forefront TMG

November 22, 2013, 2:59 am
$
0
0

How to create rule on ISA TMG to allow Android apps to access whatsapp and others apps available on Android phone.

Viral Rathod Blog : http://viralr.wordpress.com

Search

Traffic bandwith on TMG?

September 9, 2019, 1:03 am
$
0
0

Hi.

We are in phase of retiring TMG and replacing it with other Firewall, but we would like to collect some statistics from TMG what's the bandwidth use, so we can decide how powerful Firewall we need for replacement.

How could we achieve to monitor (per seconds request) to our TMG?

We have IIS website deployed over TMG.

Please advise.

with best regards

BCR

TMG logging to LLQ

September 10, 2019, 4:47 am

How safe to remove TMG Logs having extension *.llq

March 10, 2013, 7:46 pm
$
0
0

TMG 2010 on windows 2008 R2 low disk space into active partion C: drive

After running tool I found 98.3% of space is occupied by Log files located under C:\Program files\Microsoft Forefront Threat Management Gateway\Logs

The log files named as ISALOG_72D6EDF5_xxxxxx.llq (where xxxx are numbers)

How safe it is delete or remove these log files?

Muhammad Mehdi

can i install Forefront Threat Management Gateway (TMG) 2010 on windows 2016 STD

July 4, 2018, 8:23 am
$
0
0
can i install 

Forefront Threat Management Gateway (TMG) 2010 on windows 2016STD server. if Yes please provide steps. i am facing issues to install this on win2016 server. 

Replacing TMG ?

September 27, 2019, 6:04 am
$
0
0

Hello Cool people, 

We are on the process of upgrading all our Windows 2008 Server OS to a newer version as End of Life for 2008 is just around the corner.  We are stuck on our TMG server as TMG only runs on 2008 and does not support 2012 of later (please correct me if I am wrong about this). Our TMG is mainly used for Lync and Office Web Apps and WSUS.  Has anyone get a chance to be on the same scenario? I'm reading up on Web Application Proxy ( windows server 2012)  to replace TMG.

Has anyone get a change to make this changes and make this work? Any recommendations?

Best, 

Viewing all 3822 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>