Channel: Forefront TMG and ISA Server forum

How to Test UDP ldap port is working in ISA 2004

Dear All,

I was testing ports from my DC using PORTQUERY; it displays that the LDAP query to port 389 failed.

My DC's gateway is ISA Server 2004. I have created an access rule allowing UDP; netstat does not show UDP port 389,

which is causing replication failure. The Windows 2008 R2 firewall is OK. Is there any other thing to verify for UDP port 389?

God blessings...

RaSa




T 2010 +captcha

Hi everyone

I have added a TMG 2010 to my network. Everything is OK, but there is a little problem with captcha files: the captcha is invisible on client computers and they cannot see its digits and letters.

If anyone has any experience or a solution for it, please let me know.

Thank you all

ISA Server: Connectivity error. Error details: 10060

Hi,

We have a server onsite and staff are able to access it from the outside, using a URL. However, recently it has stopped working.

I have gone onto the ISA server where the rule was set and done a test connection. However, it has returned with the following error. We have not made a change in here from when it was working.

Category: Connectivity error
Error details: 10060 - A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Action: Go to http://go.microsoft.com/fwlink/?LinkId=115965

Forefront TMG running slow browsing

For some reason our Forefront TMG is running slow.

When we access the IIS site from within the company without going through Forefront TMG it works faster, but when you try to log in externally using the Forefront TMG RSA token it takes a few minutes to load each page.

This has been happening for a few days now. Nothing has been changed which I can think might have caused this.

Block http access for specific user in Organisation

Hello viewers,

I want to block HTTP and HTTPS access for a specific user in my organisation.

Kindly let me know how to block the user or group of users and allow the remaining users to access the internet.

Regards,

Ehetesham.

Certain website Failed Connection Attempt/Denied Connection

All other websites are working with authentication however one particular website is being denied for some strange reason?

Does anyone have any ideas as to why?

Denied Connection PERDMZ01 14/05/2013 10:07:58 AM 
Log type: Web Proxy (Forward) 
Status: 12209 Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied.  
Rule: Allow Web Access for All Users - Authenticated 
Request: GET http://www.medallionclub.com.au/ 
Filter information: Req ID: 098601fe; Compression: client=No, server=No, compress rate=0% decompress rate=0% 
Protocol: http 
User: anonymous 

Failed Connection Attempt PERDMZ01 14/05/2013 10:07:58 AM 
Log type: Web Proxy (Forward) 
Status: 5 Access is denied.  
Rule: Allow Web Access for All Users - Authenticated 
Request: GET http://www.medallionclub.com.au/ 
Filter information: Req ID: 098601ff; Compression: client=No, server=No, compress rate=0% decompress rate=0% 
Protocol: http 
User: anonymous 


Intermittent inbound smtp comms failure

Hi.

My environment has 2x TMG 2010 std servers (TMG A and TMG B for this discussion) with the latest service pack and rollup and one exchange server behind them. Only TMG A has smtp inbound published. A recent issue I found is that sometimes email with an attachment from external fails with the following error:

4.4.2 Connection dropped due to SocketError

or

Last Error: 421 4.4.2 Connection dropped due to ConnectionReset

I then published smtp on the second server and the email goes through fine. After three days of testing I found that by disabling the NIS service on TMG A it allows the email to go through. My server sending me the email via the internet is not on any sbl list nor is my server receiving the mail. 

My question is how can I find out which specific filter in NIS is causing this failure?

additional info.

tmg log states the following:

Status: A non-SYN packet was dropped because it was sent by a source that does not have an established connection with the Forefront TMG computer. 

Source: External
Destination: Local Host

What I don't understand is why it is trying to communicate with the local tmg server when the rule is published to allow it an inbound connection to the mail server.

It is clearly a problem with the TMG A server as the TMG B server is allowing the mail through. 


Best Regards, Morris Fury AFRIDATA.net


VPN, TMG 2010, and two different gateways.

Hello All, 

I'm confused and in need of some guidance.

My current setup:

  • Two sites, A and B that are connected over an always on Site-to-Site VPN connection using Juniper Firewalls.
  • Site B main gateway is 192.168.5.1, it allows access to Internet and Site A at the same time.
  • Site A has two gateways: the main one that users are using is 192.168.1.3, and it allows access to the Internet only. The second gateway, 192.168.1.1, is only used to connect to Site B.
  • Users in site A can connect to site B by running a domain GPO that add the following to their local route table: route add 192.168.5.0 mask 255.255.255.255 192.168.1.1 metric 1
  • The main VPN server in network is the TMG 2010 server.
  • Below is a diagram that helps better understand the setup. 

Problem:

  • I have roaming users with laptops on the internet, they can successfully connect to the TMG 2010 main VPN gateway using SSTP and access all resources in Site A, but they can't access anything on Site B.
  • Site B is not planned to have a dedicated VPN server.
  • Users who connect to Site A are forced to remote desktop to a client machine hosted on Site A and then use that desktop machine to connect to resources on Site B. 

Where I need guidance:

How do I enable the connected VPN clients on Site A to connect to resources in Site B?

  • I assume I have to play with the routing table of the TMG server, if yes, what do I add?
  • Do I need to create networks and allow rules on the TMG server to access site B?
  • Do I need to do anything on site B firewall?

Thanks in advance for your help :)



Noorish



Proxy related error in user workstation with TMG 2010 as windows 2003 domain client

Recently we implemented TMG 2010; before that we were using ISA 2006. We have Active Directory based on Windows 2003. All the users get the proxy address and port number from AD group policy. After implementing TMG 2010, users are not getting the automatic proxy address from AD group policy. If I put the manual proxy address in the workstation, after restarting the workstation the proxy shows blank in IE. Please give a solution.

Thanks

Mahatab Rahimafrooz

Microsoft Forefront TMG Managed Control Service on server TMG is not responding

Hello,

I am trying to configure TMG to allow EdgeSync for my Exchange 2010.

When I follow the steps to create and Generate Edge Subscription Files, I receive an error: Microsoft Forefront TMG Managed Control Service on server TMG is not responding.

The service is started; resetting it or resetting the server does not help. No errors are found in the Event Viewer. Whatever I try to do, I am unable to generate subscription files and am stuck at that point. Disabling and re-enabling the Connectivity for EdgeSync does not help either.

Can it be related to configuration? I had EdgeSync working before I implemented TMG 2010. Now when I have Perimeter network and my Edge role is in there, I am simply trying to make it work through TMG.

Thank you in advance.

Port Forwarding TMG server 2010

Hi All,

I've found some similar threads but nothing seems to directly address the problem I'm having or what I'm misunderstanding.

I'm trying to pass through a PPTP connection to an internal server (private IP), so I've created a non-web server publishing rule which apparently doesn't seem to work or get recognised. I'm not sure where I'm going wrong as there's not a great deal to configure. The connection just seems to be blocked by the default rule with no regard for the publishing rule. IPs etc. are correctly matched and routing between the internal and external network is over NAT.

When I create a non-web publishing rule it only seems to work properly if the server IP address is publicly routable? If it's a private IP it doesn't work. Is this by design or have I misunderstood something?

Any help is greatly appreciated.

Untrusted Connection for all https websites

Hi,

Today I enabled HTTPS inspection by following this article:

http://www.elmajdal.net/isaserver/Enabling_HTTPS_Inspection_With_Forefront_TMG_Server_2010.aspx

After enabling it, all the HTTPS websites started showing an untrusted connection. If I add the site to the exceptions then it works fine.

I am looking to stop only Facebook HTTPS and other sites.

Regards

Usman Ghani


Usman Ghani - MCITP Exchange 2010

WFP FILTER CONFLICT

After installing Symantec Endpoint Protection on the Forefront TMG 2010 server with only antivirus features, TMG began issuing the alert message:

Forefront TMG detected Windows Filtering Platform filters That may cause policy conflicts on the server HPML350. The Following providers may define filters That conflict with the Forefront TMG firewall policy: SYMANTEC CORPORATION.
 
 
The configuration of the antivirus protection is just for this, i.e. a set of basic protection; moreover, I have done the necessary checks on the main exclusions of folders.

I wonder if anyone knows what might be happening.

Thank you


MCP - MCTS

Web access through TMG

Hi, I am a beginner in using Forefront TMG. Today I installed TMG and created access rules for DNS, HTTP and HTTPS from internal to external, but I cannot access HTTPS websites like Gmail or Google. Can you tell me what protocol must be opened for HTTPS, Yahoo and mail?

How to publish SharePoint 2010 site with Forefront TMG

Hi,

I'm looking for some information on how to go about publishing SharePoint 2010 with Forefront TMG.

Here's my current set up -

  1. intranet.domainname.com port forwarded to internal IP address of TMG 192.168.1.5
  2. Single SharePoint 2010 web application in IIS with bindings intranet.domainname.com
  3. Alternate access mappings set up in SP - intranet.domainname.com and Front end Server name

I'm trying to configure Forefront TMG to allow me to access the SharePoint web site externally using the intranet.domainname.com address.

I'm trying to set it up so I can use the default Forefront TMG login page to authenticate users in active directory.

I've tried setting up publishing rules in TMG and set up a listener but I cannot seem to get the login page to appear.

Could anyone point me in the right direction of how to properly configure SharePoint with a TMG using publishing rules? I really need this to be working and have exhausted the Google searching on how to do this!

Thanks in advance



TMG 2010 Daily reports not generating

I have TMG 2010 in a Hyper-V guest. It's working very well except "Reports". When I create a report manually it works properly. I have scheduled a daily recurring report but it's not generated.

I don't know what happened suddenly. I have just updated my TMG to "SP2 Rollup 2".

  

Akshay Pate Server Administrator

FF TMG 2010 on Server 2012

Has anyone tried successfully installing Forefront TMG 2010 on Windows Server 2012?

I tried but failed; it complained about being unable to add roles and features.


Valuable skills are not learned, learned skills aren't valuable.


If I disconnect a domain controller and after some days I connect it again, does it actualize objects from the Primary DC?

If I disconnect a domain controller and after some days I connect it again, does it actualize objects from the Primary DC?

outgoing email on blocked list

We have Exchange 2010 and last Friday our outgoing email started to be blocked by spamhaus and prs. I do not know why this is, as I had changed nothing. The error is 550 and the IP it's showing is our external internet IP, not the external IP for Exchange. We use Forefront TMG as a firewall. Incoming email works fine. Where do I look to find the settings I need? I am a new user with this product.


Annette Zacharias

UAG NLB never worked for me

I am setting up a two-node UAG cluster to publish SharePoint.

Below is my environment.

The two nodes are physical servers.

Both are upgraded to UAG SP3.

External NICs are facing the internet (public IP).

Internal NICs have no default gateway.

I use UAG integrated NLB (no hardware NLB involved).

Array setup was successful, and I can see two nodes in Web Monitor,

but the second node's status is UNKNOWN.

If I check this from the Windows NLB console, there is an error: second node RPC server is not available.

Obviously there is a communication problem between the two nodes.

They are pingable from each other, though.

The first node is converged and synched, and SharePoint works fine through the portal trunk.

I disjoined the array and rejoined the array using just the same domain NetBIOS name only, but no luck.

I have been trying to figure this out by testing it in a virtual environment (NIC set to detect VLAN). Just no luck.

Any idea?

Thank you in advance,

John

