Dear All,
I was testing ports from my DC using PORTQUERY it display LDAP query to Port 389 is failed
My DC;s gateway is ISA server 2004 I have created an access rule allowing UDP netstat does not show UDP port 389
which causing Replication failure. windows 2008 R2 firewall is OK is any other thing to verify UDP 389 Port
God blessings...
RaSa
RaSa
Does the TMG have any capability to optimize real time streaming media flows from the Internet? By that I mean if two or more people tuned in to the same real time streaming media would the TMG bring in only one flow from the Internet and then distribute it to the two or more clients?
Thanks, Boris
I have 2 TMG servers with 2 network adapters. I followed next article to deploy Standalone array:
http://technet.microsoft.com/en-us/library/dd440981.aspx
After these task I have this error in Monitoring -> Configuration (Array Manager console) on the Array Managed server:
"Forefront TMG management cannot establish a connection with the Forefront TMG computer"
If I go to the Array Managed server console it is ok.
I have both servers added to "Managed Server Computers" and "Enterprise Remote Management Computers".
I need help to fix this issue.
I see this post:
But Do I need the cert if the server are domain members?
Also intra-array network adapter are required or recommended?
Dario Woitasen | MCSE Lync Server 2013 | MCITP: Enterprise Messaging Administrator 2007/2010, Lync Server 2010 Administrator
HI,
Like Full report , is it possible to get a report for single user containing information or all site download , upload and traffic which http , https or ftp etc.
Regards
Usman Ghani
Usman Ghani - MCITP Exchange 2010
We have SBS 2003 with ISA Server 2004. We are installing an appliance (Mail Archiving) that will have its own IP address on the network. The instructions say to open certain ports. For example:
Port: 123
Direction: In/Out
TCP: NO
UDP: YES
Would we create Access Rules for each port or do we create Server Publishing rules? Basically the appliance needs to be able to be remotely supported and receive updates from Internet.
Thank you!
Hi guys,
Actually, I'm deploying a new TMG server in my company and everything is working fine. However, a I have a small problem and until now, I couldn't solve it.
I have a link with a customer that works as described on picture below.
Image may be NSFW.
Clik here to view.
I need to reach the 10.x.x.x network, but I do not have any interface on my server in this network. So, I'd need to route any packages from my LAN (172.20.1.x) to the ISP firewall (192.168.1.x). However, this is not my default gateway, because this interface will used just to reach network 10.x.x.x.
How can I configure it on TMG?
Thanks a lot!
Lawrence Carvalho
kendi imkanlarıyla atomu parçalayan adam!
Hi all
My environment is Forefront TMG 2010+ SharePoint 2010.
In this document:http://technet.microsoft.com/en-us/library/cc441474.aspx
HTTPS to HTTPS bridging:
| This scenario requires a server certificate on the Forefront TMG computer in order to authenticate it to the external client and requires a server certificate on the backend Web server in order to authenticate it to the Forefront TMG computer. |
These two certificate should be same, or not?
when i select as following pic, I can not see my certificate file. but i have imported it to this path: Certificates(locate computer)-> Personal->Certificates. and in the HTTPS Listener's properties can see it.
Anybody have idea about this?
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
I opened up TCP Port 1433 in ISA, but I still receive the following message when I try to connect to my outside SQL Server Database with SQL Server Management Studio.
Status: A packet generated on the local host was rejected because its source IP address is assigned to one network adapter and its destination IP address is reachable through another network adapter
Any ideas?
Hi
I faced high cpu problem on one of our TMG servers and it was caused by Windows Firewall service. After investigating I thought to restart the service and when you are going to restart it, it asks you: Do you want to restart these related services too (many
TMG services). At this point I started to wonder what will happen if I restart TMG services. Is it a security risk? In worst case scenario there is network attack going on and if I restart all the services will it allow connections come through while TMG is
restarting?
hello ,
I would like to know how HTTP requests works in details, where the request goes first to the TMG Firewall or DNS ?
Note that I already configured the browser with proxy address and port 8080.
Thank you,
Tarek Faraj
Hi,
I have several customers that wanted to deploy TMG Server as a web proxy/firewall back-end, but we all know that TMG is dieing? Which product offers exactly the same functionalities?
Cristian L Ruiz
Hi all,
I am having a problem where our TMG array will intermittently alert through SCOM that the LDAP servers have failed to respond. We have 2 TMG servers running 2010 SP2 RU1, and each will occasionally flag an event 21286 that it could not contact the DC. However, all functionality appears to be fine.
I have followed all the suggested steps for resolution in the SCOM alert and everything is already in order. I have also confirmed that all is set up according to this guide: http://blogs.technet.com/b/keithab/archive/2013/05/01/3483834.aspx The LDP utility allows me to connect to the DC mentioned in the alert without any problems, and yet we still get these alerts.
Any advice on how to get to the root of this would be much appreciated! Failing that, if this is a "false" alert since everything appears to be working fine, is it safe to override the alert in SCOM?
Many thanks!
G
hi
i have imported firewall policy from a tmg in domain x.com and imported theme to tmg in domain y.com
i have already created the users and schedules in the tmg in domain y.com an then import firewall policy
and clients in spesific schedule rule can not access to internet except clients in full time schedule
how can i fix this?
thanks for helping
Dear All
My system using TMG 2010 happen error " Forefront TMG detected a possible SYN attack and will protect the network accordingly" and all PC clent can not access to Internet.
There are some legal reasons for a clients which creates more connections at a timeto my customer fortheir work
Please help me how fix this problem.
Hallo everybody,
I have currently published several sites in ForeFront TMG. The users access these sites with their smarphones (Android, iPhone). For authentication every user has an own certificate installed on its device.
TMG is configured to request client certificates for authentication. If there is no certificate present, the TMG asks for username and password. So far so good.
The only problem I have now, is that my certificates are valid for 1 year. If the certificate expires, the ForeFront TMG does not fall back to basic authentication, because it still gets the certificate delivered. The user do not have any possibility to log in. It only works, if they manually delete the expired certificate.
It is not a problem yet, but in some months if somebody forgets to install a renewed cert on its device, it could lead to a situation where there is no login possible.
Can I somehow configure ForeFront in a way, that it tries basic authentication, after a certificate based authentication failed, because of expiry or revocation?
Thanks in advance
Mailer
