This post is about an issue I came across while working on a case and thought of sharing with all. It was not a straight forward issue; well a lot of them are not! J , Issue was with a certain website hosted on an external web server, when users...

  Hello All! It’s Brett Crane from the Forefront Edge team here at Microsoft. I’ve noticed there have been a few questions regarding documentation on the best way to go from an Evaluation Version of TMG to the RTM version. I thought I would take...

  Introduction : It is a very common scenario where we use LDAP authentication for publishing web sites on ISA. We have seen some issues with LDAPS authentication when there are some Certificates on the ISA server which have both Client and Server...

We'd like to advise that Rollup 2 for TMG SP2 is now available. TMG SP2 Rollup 2 can be downloaded here: http://support.microsoft.com/kb/2689195 Please see KB  for details of the fixes included in this rollup. The Build Number is: 7.0.9193.540 Thank...

When we are publishing OWA, or every web service through TMG and we are willing to make use of FBA we have the chance to change our password through the FBA web form. However this step is not always as straightforward as it seems and there are some possible...

From time to time we come across the question why are the values of the Blocked URL requests at URL Filtering increasing on the dashboard, although the URL Filtering feature is disabled. In this post I would like to explain, what exactly we can see there...

  Introduction : When configuring TMG Reports to run at a Scheduled time, you can also configure it to send an email once the Report is generated. This can be useful for administrators to know that the reports have run and to let other people know...

We recently received a case from a customer reporting that the TMG log data were not being properly stored in a remote SQL database but was accumulated in the Large Logging Queue (LLQ). The LLQ is an improvement added in TMG, particularly useful in scenarios...

  Introduction: Recently, I worked on a case where we were publishing Exchange CAS (Client Access Servers) servers on TMG. We were seeing some unexpected behavior while using KCD (Kerberos Constrained Delegation) as the Authentication Delegation...

The concept of HTTPS Inspection (referred to HTTPSi later) was covered in a previous blog article by Yuri Diogenes, which also contains helpful formation about common issues that may occur. If you have missed it, you can find it here . This current...

The following Table summarizes the Forefront TMG Event IDs. This table was put into graphs with event information of the Forefront SCOM Management Pack 7.0. We hope you find it useful. Credits to Jan Tiedemann, Microsoft Forefront Sr. Premier Field Engineer...

Today I would like to describe an easy way to solve a small visualization mismatch related to the Update Center of TMG 2010. If you are a Forefront Threat Management Gateway administrator in a country where English regional settings are not used, it...

  We had a lots of customers reporting that after installing MS11-030 ( http://support.microsoft.com/kb/2509553 ), RRAS from time to time started to hang. Typical symptom was that VPN connections were no longer possible; the RRAS service could not...

Microsoft’s own Suraj Singh has some great info over on his blog about a couple issues you may see when CRM is published through ISA or TMG.  The issue is that when Internet based users would log on to the CRM site, they had to click on links twice...

Consider the following scenario. You are running an array of more than one TMG Server 2010 and need to establish a VPN Site-to-Site connection. Therefore you will need to define a connection owner. The reason for this is that you need to define a tunnel...

Here’s a new Knowledge Base article we published today. This one talks about an issue where HTTP redirects in TMG 20101 fail if the Exchange Edge role is installed on the same box: ===== Symptoms If you deploy Microsoft Threat Management Gateway 2010...

The story… one of our customers called in that he had just finished with the migration to TMG and as a last step he wanted to enable VPN Client Access. He did that, but the outcome was  unexpected. The TMG array was not reachable through the NLB...

Blank User Activity Report if domain or username contains accented characters Administrators creating a User Activity Report for users where the domain or user name contain characters that are not included in the english alphabet, may not be able to see...

We'd like to advise that Rollup 1 for TMG SP2 is now available. TMG SP2 Rollup 1 can be downloaded here: http://support.microsoft.com/kb/2649961 Please see KB 2649961 for details of the fixes included in this rollup. The Build Number is: 7.0...

  • Configuring Authentication on the Listener • On the Authentication tab of the Listener, select “HTML Form Authentication” from the drop down list and select “RSA SecurID” as the Authentication Validation Method. • Check “Collect additional delegation...

  Disclaimer: Many of the steps outlining the configuration of the RSA Authentication Manager v 7.1 software are not directly supported by Microsoft. They should be used as a guideline to help familiarize and guide you in this configuration. For...

  Disclaimer: Many of the steps outlining the configuration of the RSA Authentication Manager v 7.1 software are not directly supported by Microsoft. They should be used as a guideline to help familiarize and guide you in this configuration. For...

  In this blog post I want to discuss a solution, which we provided to one of our customers. The problem was linked to a published web site where specific flash content had not been compressed as expected by TMG/ISA. The first thing which is important...

  Some days ago a customer opened a case because an ISA array was randomly refusing all the incoming connections and a restart of the Firewall Service was required to make the connections be accepted again. After a quick investigation we figured...

Here’s a new KB article we published on TMG 2010. This one actually first came out a couple weeks ago but since it wasn’t announced at the time I thought I’d send out a quick heads up just to let you know it was there.  This KB article talks about...