New rollups released for TMG 2010 and ISA 2006

We would like to inform you that we have released two new rollups.   Forefront Threat Management Gateway (TMG) 2010 Service Pack 1 We have released Software Update 1 Rollup 2. More information about the rollup is available in the following KB article- http://support.microsoft.com/kb/2475183   ISA Server 2006 SP1 Hotfix Package We have released a…


Quick Tip: Understanding TMG Client 64 bits Behavior

Have you ever wondered why Forefront TMG Client processes (FwcAgent.exe, FwcMgmt.exe) show up on Task Manager as 32bit processes as shown in Figure below? Many Firewall Admins start wondering why this happens even when they know that Forefront TMG Client is a full 64bit application. The answer is: this is an expected behavior. The Forefront…


Reasons to Migrate from ISA Server 2006 to Forefront TMG 2010

We know there are many customers who are extremely happy with ISA Server 2006 and have been putting off migration to Forefront TMG 2010. As 2010 is coming to an end, we think you should include migration to TMG 2010 as one of your new year resolutions. This post will focus on showing you why…


UI Search in TMG

Introduction UI Search is a TMG feature designed to help administrators instantly filter Firewall Policy rules according to a search criteria string. This feature resembles the "Search Inbox" in Microsoft Outlook and is generally designed to deliver similar functionality.   Usage – visual filtering UI search can be used to filter rules according to the…


TMG2010 site-to-site VPN fails to dial with error 913 (A Remove Access Client attempted to connect over a port that was reserved for Routers only)

Scenario When configuring site-to-site (S2S) VPN networks, you may notice that the VPN tunnel doesn’t connect. On the dialing TMG server, you’ll see the following event logs: Log Name:      Application Source:        RasClient Event ID:      20227 Description: CoId={A56F6195-18BB-44ED-AE45-34B70D127A2C}: The user SYSTEM dialed a connection named Net2 which has failed. The error code returned on failure is…


Windows Update fails for some workstations behind TMG when using WPAD

Introduction This post is about a recent scenario where TMG Administrator was receiving complains that some workstations that were using TMG as proxy were failing to run Windows Update. The interesting part of this issue was that only some workstations were having such problem and only if they were using “Automatic Detection” settings (which use…


Support for NLB on VLAN Tagged or Teamed Network Adapters

One of the most common questions we get is about TMG’s support for NIC Teaming and VLAN tagging with NLB enabled. We have recently released Software Update 2 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 1. This is a regular rollup of hotfixes which is available through Microsoft Customer Service and Support. One…


NIS Signature Types (or why some signatures are disabled by default)

NIS Signature set released last month (8.32) contained 4 signatures that were disabled by default: Plcy:Win/Sharepoint.SafeHTML1.XSS!2010-3243 Plcy:Win/Sharepoint.SafeHTML2.XSS!2010-3243 Plcy:Win/HTTP.SafeHTML1.XSS!2010-3324 Plcy:Win/HTTP.SafeHTML2.XSS!2010-3324 We’ve received a number of questions about why these signatures were off by default and thought it may be worthwhile to write about the NIS signature types again. As explained in the NIS in TMG whitepaper,…


When accessing TMG report hosted on IIS, images are not displayed

Consider the following scenario: You have configured reporting with TMG, and you have published the generated reports content on an IIS 7.5 Server (Windows 2008 R2) so that TMG administrators in your organization can access these reports from their workstation using a standard browser like Internet Explorer. Problem: The Reports are not displayed correctly in…


“No network adapters could be identified” error when choosing a network template in TMG

Introduction Some of our customers have experienced the problem described below when doing the initial network configuration of a fresh TMG installation. I wanted to share here the cause and solution to this issue. Consider the following scenario You have installed Forefront TMG 2010, but when running the Getting Started wizard, you get the error…