ISA BPA 7 and Forefront TMG for Windows Essential Business Server


If  you are running Forefront TMG for Windows Essential Business Server (EBS) and you have problems you may find it useful to use the ISA Best Practices Analyzer version 7 (announced earlier in the blog post http://blogs.technet.com/isablog/archive/2009/05/06/announcing-the-availability-of-isa-tmg-best-practices-analyzer-version-7.aspx) and more specifically the ISA Data Packager which is able to gather diagnostic data while reproducing a problem.


 


More specifically you may want to have a look at the Firewall and Webproxy log files created when reproducing the problem. If your server is running in production the log snippet may contain a lot of clients going through TMG. So you load the file into for instance Excel to be able to filter the data in the file.


 


Then you start looking at the IP addresses to find the log entries you are interested in… which look kind of interesting, here’s an example:


 


c0a8b12c-ffff-0000-0000-000000000000


 


The format is IPv6 but you are not running IPv6 as Forefront TMG for EBS is not supporting it… so what is it? It is an IPv4 address in the shape of a IPv6 address and the reason for this is to prepare for future IPv6 support although Forefront TMG for EBS do not support IPv6 currently. The logging query function in the Forefront TMG MMC as well as the Reporting engine converts these addresses to IPv4 format, the issue does only occur when extracting log data directly from the database.


 


You can convert the IP address to “classical IPv4” as follows, take the first eight characters in the address and convert from hex to dec using for instance Calculator as follows:


 


c0 = 192


a8 = 168


b1 = 177


2c = 44


 


resulting in the IPv4 address 192.168.177.44.


 


If you would like to do this programmatically when querying the logs yourself you can use this SQL function.


 


NOTE: This function is provided as-is without expressed or implied warranty. Use at your own risk.


 


CREATE FUNCTION [dbo].[fnIpAddressToText]


(


    @Ipv6Address [uniqueidentifier]


)


RETURNS varchar(40) AS


BEGIN


    DECLARE @strInAddress varchar(40)


    DECLARE @strOutAddress varchar(40)


    SET @strInAddress = LOWER(CONVERT(varchar(40), @Ipv6Address))


    SET @strOutAddress = ”


 


    IF (SUBSTRING(@strInAddress, 10, 4) = ‘ffff’)


    BEGIN


        — ipv4 (hex to int conversion)


        DECLARE @IsNum int, @ZERO int, @IsAlpa int


        set @ZERO = ASCII(‘0’)


        set @IsNum = ASCII(‘9’)


        set @IsAlpa = ASCII(‘a’) – 10


        DECLARE @intH int, @intL int


 


        SET @intH = ASCII(SUBSTRING(@strInAddress, 1, 1))


        IF (@intH <= @IsNum) SET @intH = @intH – @ZERO ELSE SET @intH = @intH – @IsAlpa


        SET @intL = ASCII(SUBSTRING(@strInAddress, 2, 1))


        IF (@intL <= @IsNum) SET @intL = @intL – @ZERO ELSE SET @intL = @intL – @IsAlpa


        SET @strOutAddress = CONVERT(varchar(3), @intH * 16 + @intL) + ‘.’


 


        SET @intH = ASCII(SUBSTRING(@strInAddress, 3, 1))


        IF (@intH <= @IsNum) SET @intH = @intH – @ZERO ELSE SET @intH = @intH – @IsAlpa


        SET @intL = ASCII(SUBSTRING(@strInAddress, 4, 1))


        IF (@intL <= @IsNum) SET @intL = @intL – @ZERO ELSE SET @intL = @intL – @IsAlpa


        SET @strOutAddress = @strOutAddress + CONVERT(varchar(3), @intH * 16 + @intL) + ‘.’


 


        SET @intH = ASCII(SUBSTRING(@strInAddress, 5, 1))


        IF (@intH <= @IsNum) SET @intH = @intH – @ZERO ELSE SET @intH = @intH – @IsAlpa


        SET @intL = ASCII(SUBSTRING(@strInAddress, 6, 1))


        IF (@intL <= @IsNum) SET @intL = @intL – @ZERO ELSE SET @intL = @intL – @IsAlpa


        SET @strOutAddress = @strOutAddress + CONVERT(varchar(3), @intH * 16 + @intL) + ‘.’


 


        SET @intH = ASCII(SUBSTRING(@strInAddress, 7, 1))


        IF (@intH <= @IsNum) SET @intH = @intH – @ZERO ELSE SET @intH = @intH – @IsAlpa


        SET @intL = ASCII(SUBSTRING(@strInAddress, 8, 1))


        IF (@intL <= @IsNum) SET @intL = @intL – @ZERO ELSE SET @intL = @intL – @IsAlpa


        SET @strOutAddress = @strOutAddress + CONVERT(varchar(3), @intH * 16 + @intL)


    END


    ELSE


    BEGIN


        — ipv6


        SET @strOutAddress = @strOutAddress + SUBSTRING(@strInAddress, 1, 4) + ‘:’


                                        + SUBSTRING(@strInAddress, 5, 4) + ‘:’


                                        + SUBSTRING(@strInAddress, 10, 4) + ‘:’


                                        + SUBSTRING(@strInAddress, 15, 4) + ‘:’


                                        + SUBSTRING(@strInAddress, 20, 4) + ‘:’


                                        + SUBSTRING(@strInAddress, 25, 4) + ‘:’


                                        + SUBSTRING(@strInAddress, 29, 4) + ‘:’


                                        + SUBSTRING(@strInAddress, 33, 4)


    END


    —- guid sample ‘6F9619FF-8B86-D011-B42D-FFF34FC964FF’


    RETURN @strOutAddress


END


 


Anders Janson


Senior Support Engineer


Microsoft CSS Forefront Edge Team


 


 


Skip to main content