I have a Windows 2008 R2 x64 server with TMG 2010 SP2 RU4 installed on it.
At this time there are 2 NICs on the server: LAN and WAN, but WAN is disabled now.
There are some Win XP/7 clients on the LAN, combined into one workgroup.
Now I have 2 rules regarding the LAN:
LocalHost->Internal - All allow
Internal -> LocalHost - All allow
After the server starts, it is shown in Network Places on the clients and is in the 'net view' command output.
I mean Network Neighborhood, that is, the browsing service.
All clients are also present here (Network Places and 'net view' output).
That is, all works as needed.
After some time the server, and only the server, disappears both from the clients' Network Places and from the 'net view' output.
And then it does not appear anymore.
But if the TMG service stops, and consequently TMG goes into lockdown mode, the server appears again both in Network Places and in the 'net view' output.
Also, the server appears here if TMG stops fully (with stopping the fweng.sys driver).
So, as I saw, TMG allows all outgoing traffic to all networks in lockdown mode and is very strict with incoming traffic.
If the server appears in TMG lockdown mode and disappears in normal mode, then it can be a result of some outgoing traffic from LocalHost being blocked.
But I have 'Allow all' rules from and to LocalHost.
In that case, what is blocked in normal mode, and/or to what network is traffic blocked that works in lockdown mode?
And what additional rule/rules do I have to add to TMG?
By the way, I tried fweng.sys from the latest Roll Update for SP1 with my SP2 RU4, and the server appeared in the clients' Network Places but wasn't in the 'net view' output.
What changes were made in the SP2 driver compared with fweng.sys from the SP1 line?
Name resolution via NetBIOS works fine in both cases; moreover, I have a WINS server installed.
P.S.: I know that the browsing server mostly relies on broadcast, and on unicast too.
But I examined network traffic on the clients with Wireshark and saw that network broadcast packets are successfully sent out from the server.
Moreover, as I said, the clients are also visible both on the server and on the clients themselves; that is, all works fine regarding broadcast except for the server itself.
Name resolution via NetBIOS works fine; nbtstat -a Server from a client shows all the necessary names registered: the workgroup, the server, and the local master browser mailslot special name.
And the server disappears from the browsing list if, after 12 minutes or 3 times 12 minutes, the server as LMB (my server is also the local master browser) does not receive LMB packets from itself (I saw with Wireshark that it sends them).
And that is why the server disappears after some time.
But I don't understand what TMG blocks, and for what network, such that these packets cannot come to the server itself (as I understand it; maybe I am wrong).
Actually these are broadcast packets sent by the server to destination IP 192.168.0.255. And the server has to receive such packets.
And it works fine without TMG, or with TMG but in lockdown mode.
Can somebody, in addition to answering the questions above, explain what LocalHost is?
Is it a fully isolated network with its own workgroup, differing from the internal network's workgroup?