TMG 2010 SP1 and UAG 2010 SP1 are supported on Windows 2008 R2 SP1

Microsoft Windows 2008 Server R2 SP1 has recently been released. SP1 contains changes that are focused on supporting new types of hardware,
adding support for several emerging standards, and addressing specific reliability, performance, and compatibility issues.
SP1 changed areas relevant to TMG/UAG products are below:


Changed Sub areas



· IPsec

· Network Driver Interface Specification (NDIS)





· Authentication

· Crypto


Server Technologies


· Clustering and High Availability

· Directory Services

· DNS Server

· Internet Information Services (IIS)

TMG 2010 SP1 and UAG 2010 SP1 are fully compliant with the new Windows service pack.

We have successfully tested both TMG and UAG scenarios after the upgrade to new Windows service pack.
Moreover, installing TMG/UAG on Windows 2008 R2 SP1 machine is also supported.

When upgrading gateway machine to Windows 2008 R2 SP1, restart will be required.

After installation, the TMG/UAG services restart automatically.

We suggest upgrading TMG SP1 in the following order:

1. Enterprise Management Servers (master and replicas – only for TMG deployments).

2. Array managers.

3. Array members.

For deployments with NLB enabled, we encountered one issue:
After upgrading to Windows 2008 R2 SP1, creating new NLB cluster using the administration console may fail.
Machine network interface of the newly load balanced network will become disabled. 

As a workaround, we suggest rebooting the TMG/UAG machines after SP1 installation once again.

This will ensure that setting up new NLB cluster after Windows upgrade will succeed.


Author: Igor Zarivach, Software Design Engineer

Reviewer: Eyal Zangi, Senior Test Lead

Comments (4)

  1. Marc Grote says:

    Hi @all,

    I suspected a possible problem with TMG and Windows Server 2008 R2 SP1 where the TMG Server is used to filter traffic between different internal Windows domains where the Exchange 2010 Cluster environment is located in the root domain and the child domains accesses the Exchange Server via Outlook 2007/2010. After installing Windows Server 2008 R2 SP1 on the TMG nodes we have several Outlook connection problems, problems with accessing public folders and creating new Outlook mail profiles. The TMG log is full of failed / denied RPC requests. If I use Outlook Anywhere to connect to the Exchange Server internally, no problem. If I disable the RPC filter and create (a temporary) all Open rule there are also no problems. If I rollback the Windows 2008 R2 SP1 the problems are also resolved. I'm still investigating this issue and if the problem still exists I will open a MS PSS call.

    For all german readers, here is a blog post regarding this possible problem:

    regards Marc Grote

  2. Styrmir Jonsson says:

    Hi. is there any chnage to support Coogle Chrome's TLS false start

  3. Aryaan Ibrahim says:

    i recently upgraded one of my test TMG 2010 server to R2, after upgrade ISACTRL service not getting started,.

  4. Prabodh Sharma says:

    I wanted to to Know If TMG2010 works seamlessly on windows 2012 underlying IaaS VM hardware

Skip to main content