Questions tagged [microsoft-ftmg]

Microsoft Forefront Threat Management Gateway 2010 is the current version of the product previously known as ISA Server. TMG 2010 adds subscription-based URL filtering and malware protection, the free-subscription-based Microsoft IPS Network Inspection System, and HTTPS inspection.

Microsoft Forefront Threat Management Gateway (TMG) 2010 is the current version of the product previously known as ISA Server. ISA Server 2006 was the last product to use the ISA Server name.

TMG 2010 adds:

subscription-based URL filtering
subscription-based malware protection
(free) subscription-based Network Inspection System (NIS), a Microsoft-centric IPS
outbound HTTPS inspection
Forefront Protection for Exchange integrated management from the TMG console (Exchange Edge and FPE required, sold separately)

Other notable changes:

The Enterprise Edition EMS (roughly analagous to the older CSS) can now manage standalone Standard Edition servers, which can make branch office deployments cheaper
SP1 adds click-through user overrides for URL filtering
SP1 adds a simple BranchCache setup interface
SP1 Software Update 1 adds support for SafeSearch filtering

22 questions

votes

2 answers

forefront TMG 2010 ... UPnP Port mapping

I've tried googling the answer for a few days now, have come up with very little apart from http://retrohack.com/how-to-enable-xbox-live-behind-tmg-2010/ but can only publish ports on 1 ip address which isn't ideal as we have a few xbox's on our…

asked Jun 21 '10 at 15:29

Rhys Evans

votes

3 answers

Allow Broadcast to 255.255.255.255 through TMG/VPN (for NetBios Resolution)

Is it possible to allow a VPN client to do NetBIOS broadcast name resolution through TMG? In the TMG Queries I can see the rule that is blocking ClientIP->255.255.255.255 I've tried adding 255.255.255.255 to the Internal IP Range. My VPN Client…

vpn netbios microsoft-ftmg-2010 microsoft-ftmg

asked Dec 07 '11 at 15:58

Alex Duggleby

votes

1 answer

General Forefront TMG 2010 network / proxy configuration

We have decided to test and then deploy a Forefront TMG server on our network of 50 - 75 users (Windows 7, XP Clients, Windows Server 2008R2 Servers and a few Linux Boxes) Our Network Topology is : 4 Floors (4 Lan Switches) > Connected to a Core…

microsoft-forefront-2010 microsoft-ftmg microsoft-ftmg-2010

asked Jun 15 '11 at 05:35

Mutahir

2,347
2
32
42

votes

3 answers

Forefront TMG 2010: Can you monitor realtime TCP connections and bandwidth on a per-user basis?

I'm just starting a trial of ForeFront TMG to use as a proxy server. I know I can get a real time activity monitor and filter on a per user basis, but would like to be able to get a real time activity monitor of all users that I can then sort by…

proxy microsoft-forefront microsoft-ftmg microsoft-ftmg-2010

asked Mar 10 '11 at 12:04

user65235

votes

1 answer

How do I configure a domain-joined, single NIC TMG box in the DMZ to publish Exchange?

I'd love to see some good guidance on the following scenario: Customer has a requirement to publish Exchange services securely over the Internet. The Customer has an existing hardware firewall and as such TMG should have a single nic on the DMZ…

exchange exchange-2007 exchange-2010 microsoft-ftmg

asked Jul 29 '10 at 00:42

Jacob

vote

1 answer

TMG reverse proxy and basic config

I recently set up TMG2010 and I believe I've done something wrong with my configuration. I do not want to run anything extra apart from a web publishing/reverse proxy setup. My internet goes to an ASA, it is natting port 80 of the external static to…

web-server reverse-proxy microsoft-ftmg-2010 microsoft-ftmg

asked Sep 11 '14 at 22:13

Abraxas

1,199
1
15
25

vote

1 answer

Asymmetric routing with two ForeFront TMG 2010 firewalls

I have a bizzarre networking problem. There is a network, a single IP subnet: 192.168.60.0/24. The network has two Internet-connected firewalls (running ForeFront TMG 2010), 192.168.60.253 (production) and 192.168.60.240 (development); this is a…

routing microsoft-ftmg-2010 microsoft-ftmg tmg

asked Nov 07 '12 at 15:47

Massimo

68,714
56
196
319

vote

1 answer

Threat Management Gateway can't access share on NAS

My network looks like this: DC - SERVER01 - Windows Server 2008 SBS TMG - TMG01 - Windows Server R2 Standard NAS - DATASTORE - Cisco NSS6000 All machines and devices are joined to the domain. I can access \\datastore\backups from…

cisco network-attached-storage isa-server microsoft-ftmg

asked Jun 27 '11 at 01:25

sam

vote

2 answers

Configuring TMG to allow a connection through the firewall

Here's the basic outline of the problem: I'm trying to ping from 192.168.0.2 to 192.168.10.2, but the ping dies on reaching 192.168.10.1. Obviously TMG is blocking it with the firewall. :) Assuming this is a fresh install, what do I need to do in…

firewall ping microsoft-ftmg microsoft-ftmg-2010

asked Apr 03 '11 at 21:45

Sergio Tapia

vote

1 answer

Forefront TMG Proxy blocking internal HTTP requests for FQDN

I have Forefront TMG installed as a proxy server. However, whenever I make HTTP requests to servers on the Internal network with a fully qualified DNS name, the proxy denies the connection. Denied Connection FRW-02 18/03/2011 20:06:37 Log type: Web…

proxy blocking microsoft-forefront microsoft-ftmg microsoft-ftmg-2010

asked Mar 18 '11 at 23:18

Pascal

vote

1 answer

Redundancy and Automated failover using Forefront TMG 2010 Standard between Production-DR site?

I'm using MS TMG 2010 Standard as my single firewall to publish my Exchange Server and IIS website to the internet, however it is just one VM in the DMZ network with just one network card (vNIC), what sort of redundancy method that is suitable for…

isa-server microsoft-ftmg microsoft-forefront-2010 microsoft-ftmg-2010

asked Mar 03 '11 at 11:57

Senior Systems Engineer

1,155
2
27
55

vote

1 answer

Client VPN works, but only from certain locations (ISA/TMG)

I've done something very simple. Or so I thought... I have setup VPN client access in TMG (or ISA, they're pretty alike). I created a group called VPN in AD, added that as allowed VPN users in TMG, setup a IP scope for VPN clients…

vpn pptp isa-server microsoft-ftmg

asked Oct 21 '10 at 11:39

jos

vote

0 answers

Microsoft TMG 2010 Sp1 override if authenticated?

I have a TMG 2010 SP1 server running on Server 2008 R2 in a single-NIC configuration - not live yet. I will be allowing web access in three fashions: one method is using the TMG as the default gateway for our network so that devices that don't…

content-filter microsoft-ftmg

asked Aug 24 '10 at 20:24

Dan

1,278
18
27

vote

2 answers

How do I allow access to a service running on a Forefront TMG Server?

I'm setting up Zabbix for monitoring on our network. So far everything is going well, the agent is installed on all the servers. All the servers except the Forefront one are communicating with the Zabbix server. I cannot connect to the the…

firewall zabbix microsoft-ftmg-2010 microsoft-ftmg zabbix-agent

asked Jul 19 '10 at 09:43

Richard C

votes

1 answer

RRAS vs ISA Server vs Forefront Threat Management Gateway

I was hoping someone could explain to me the differences between RRAS, ISA Server and Forefront Threat Management Gateway. As far as I can tell they all sort of do exactly the same thing? RRAS allows Routing and VPN on Windows Server 2008. ISA…

windows-server-2008 firewall rras microsoft-ftmg isa-server

asked Nov 22 '09 at 14:10

Django Reinhardt

2,256
3
38
55

2 Next