TMG 2010 not processing HTTP traffic, treating it as BranchCache - Retrieval packets

  • Thursday, August 04, 2011 1:25 PM

    Hello,

     

    We have a new implementation of TMG 2010 EE and are running into a problem accessing a published website on the gateway. Upon running the traffic simulator, I have noticed that the packets are being denied. According to the log, the traffic is being treated like BranchCache - Retrieval and is hence being skipped by our web publish policy. Here is the log that I'm seeing:

     106 8/4/2011 9:16:42 AM fff8a749 Firewall service The Firewall service is performing rule evaluation.

    2107 8/4/2011 9:16:42 AM fff8a749 Firewall service Protocol: BranchCache - Retrieval

    2108 8/4/2011 9:16:42 AM fff8a749 Firewall service Packet properties: Source IP address: 11.248.10.119 Source array network: External Destination IP address: 11.48.28.238 Destination array network: External

    2109 8/4/2011 9:16:42 AM fff8a749 Firewall service Forefront TMG will check only rules that are associated with the protocol BranchCache - Retrieval.

    2110 8/4/2011 9:16:42 AM fff8a749 Firewall service Forefront TMG is evaluating the rule [System] Allow MS Firewall Control communication to selected computers.

    2111 8/4/2011 9:16:42 AM fff8a749 Firewall service The source port does not match the rule.

    2112 8/4/2011 9:16:42 AM fff8a749 Firewall service Forefront TMG is evaluating the rule [Enterprise] Backup Servers.

    2113 8/4/2011 9:16:42 AM fff8a749 Firewall service source does not match the packet.

    2114 8/4/2011 9:16:42 AM fff8a749 Firewall service Forefront TMG is evaluating the rule TMGTest.

    2115 8/4/2011 9:16:42 AM fff8a749 Firewall service This Web publishing rule was skipped for this packet.

    2116 8/4/2011 9:16:42 AM fff8a749 Firewall service Forefront TMG is evaluating the rule Test Default Landing Page.

    2117 8/4/2011 9:16:42 AM fff8a749 Firewall service This Web publishing rule was skipped for this packet.

    2118 8/4/2011 9:16:42 AM fff8a749 Firewall service Forefront TMG is evaluating the rule TMGTraining.

    2119 8/4/2011 9:16:42 AM fff8a749 Firewall service This Web publishing rule was skipped for this packet.

    2120 8/4/2011 9:16:42 AM fff8a749 Firewall service Forefront TMG is evaluating the rule [Enterprise] Default rule.

     

    2121 8/4/2011 9:16:42 AM fff8a749 Firewall service The rule [Enterprise] Default rule matches the packet and may deny it. However, a rule that precedes this rule in the list of policy rules and matches the packet will take precedence and may allow the packet.

    2122 8/4/2011 9:16:42 AM fff8a749 Firewall service The rule [Enterprise] Default rule blocked the packet.

    Thanks for your help

All Replies

  • Saturday, August 06, 2011 4:00 AM

    I'm having this exact same problem as described above. I have Exchange RPC and OWA already created in TMG and both of them work fine. I also am utilizing the VPN functionality of TMG and it works great. The only thing that I am not able to do is get an HTTP hosted Web Server published. I have been trying to publish a couple of redirects for OWA and also a couple of SharePoint sites and none of them are working. I have gone through and recreated the HTTP web listener a couple of different times and tried just setting up one HTTP site at a time and none of it works.

    Like Mr. Counts I ran the traffic simulator and get almost the exact same results as he did. All the HTTP protocols are treated as BranchCache-Retrievals and none of them are ever applied correctly to the corresponding firewall rule. The rules at the top of the firewall policy are just skipped like Mr. Counts' and then it eventually hits the default rule and stops.

    Any help would be greatly appreciated. I am just trying to find out where the problem lies as the simulator doesn't give very detailed information. I believe that the traffic is getting to TMG because I know that OWA and RPC and things are working, but I don't know if it is getting to the firewall rule, or where the stoppage is occurring.

    I'm right there with you Mr. Counts and would love any help that anyone could offer.

    Tmark86

  • Monday, August 08, 2011 4:02 PM

    I think that I got my issue figured out and I thought that I would share it just in case it helps you or anyone else. TMG was not accepting any HTTP traffic on port 80 and was treating it all as BranchCache as I said above. I didn't know where the disconnect was and was going through and slowly disabling everything else on my TMG server until I got it working.

    It turns out that at some time IIS was installed and was running. The default site only had an asp.net folder underneath it. I stopped the default website and immediately my HTTP traffic on port 80 started working. This didn't change the BranchCache - Retrieval from the traffic simulator but it got my web publishing working and that was my end goal.

    Hopefully this is helpful to someone or someone can give a little insight as to whether IIS is needed on the TMG box at all. I would have never installed it and nothing is really setup on it. I just left it disabled and everything works.

    Tmark86

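The root cause Tmark86 found was another listener on the TMG host holding TCP port 80 (the IIS default website). The following PowerShell check is an added diagnostic, not code from the thread or from Microsoft: it lists every process listening on port 80 and flags the http.sys case. The process names are assumptions (the TMG Firewall service runs as wspsrv.exe; IIS sites are served by http.sys under PID 4, "System"), and it sticks to netstat so it also works on the Windows Server 2008 R2 / PowerShell 2.0 hosts TMG 2010 runs on.

```powershell
# Added diagnostic (not from the thread): who is listening on TCP port 80 on this TMG host?
# Assumption: TMG's own web listener lives in wspsrv.exe; an IIS site shows up as PID 4 (System),
# because http.sys owns the socket on IIS's behalf.
$listeners = netstat -ano -p tcp | ForEach-Object {
    # Match both IPv4 (0.0.0.0:80) and IPv6 ([::]:80) listening sockets.
    if ($_ -match '^\s*TCP\s+(\S+):80\s+\S+\s+LISTENING\s+(\d+)\s*$') {
        $procId = [int]$matches[2]
        $proc   = Get-Process -Id $procId -ErrorAction SilentlyContinue
        New-Object PSObject -Property @{
            LocalAddress = $matches[1]
            ProcessId    = $procId
            Process      = if ($proc) { $proc.ProcessName } else { 'unknown' }
        }
    }
}

if (-not $listeners) {
    'Nothing is listening on TCP port 80 on this host.'
}
foreach ($l in $listeners) {
    '{0,-24} PID {1,-6} {2}' -f $l.LocalAddress, $l.ProcessId, $l.Process
}

# PID 4 means http.sys holds the port: an IIS site (W3SVC) or another HTTP.sys
# registration is in front of the TMG web listener, which is what Tmark86 hit.
if ($listeners | Where-Object { $_.ProcessId -eq 4 }) {
    'http.sys (PID 4) owns port 80. Check the W3SVC service and "netsh http show servicestate".'
    Get-Service -Name W3SVC -ErrorAction SilentlyContinue | Format-Table Name, Status -AutoSize
}
```

Run it in an elevated PowerShell session on each array node; if the only port-80 owner reported is wspsrv.exe, the listener conflict is ruled out and the problem is elsewhere in policy evaluation.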
  • Monday, August 08, 2011 5:37 PM

    Tmark86,

    Thanks for the update! I actually took a look at this myself and I did have IIS running on one of my array nodes. I removed that role but am still facing the issue. Interestingly enough, if I create a general port 80 allow access rule, then that rule picks up the packets on the traffic simulator and shows the protocol as HTTP. But as soon as I turn that rule off, it goes back to the BranchCache - Retrieval. I'm thinking about setting up a brand new array, and spinning up a couple of nodes on it and seeing if I can get a different result. I should mention that all the machines in this environment are virtual.

     

    MrCounts

  • Thursday, August 11, 2011 12:41 AM

    I hear you man. I really had no idea what was cutting off my HTTP traffic and was really glad when turning off IIS worked. Sorry it didn't work for you. This is my second TMG setup box and the first one had none of the issues that this second one has had.

    I don't know if you have tried Microsoft Network Monitor or the built-in TMG logging, but either one of those may be of help. The TMG logging helped guide me a little bit, but I was having a tough time reading the NetMon output.

    Tmark86