We have a two node TMG implementation with no EMS. On each node I have tried setting the HTTP proxy as some posts suggest (either through the netsh command line or within IE). That got rid of the 80072EE2 error but now I am getting a 80244004 when attempting updates. The only posts I have found on that error seem totally unrelated (usually referring to ESET which we are not running).
I also added a firewall policy in TMG to allow HTTP and HTTPS from the localhost of each machine to the Windows Update sites (a predefined list in TMG). I am able to browse external sites from each machine just fine. FWIW according to the page below that error code means the SOAP client failed to connect.
http://technet.microsoft.com/en-us/library/dd939837(v=ws.10).aspx
If anyone has any ideas any suggestions would be greatly appreciated.
Thank you.