Tuesday, September 07, 2010 11:34 PMI recently installed SP1, but began to experience problems immediately. We have a number of IP-recognition services which fail with SP1 installed. It appears to me that TMG is NATing our connections even though all the network rules are set to "Route." Another related symptom is that all incoming traffic to our web servers appears to come from the TMG internal IP rather than their true IP. Any suggestions would be greatly appreciated.
Wednesday, September 08, 2010 6:26 AM
are these services HTTP or HTTPS based? Even if you use a ROUTE relationship, every HTTP/HTTPS traffic flows through the Webproxyfilter in ISA/TMG and will be NATed. AFAIK this has not changed since ISA 200x days.
for teh other problem please check if your publishing rules are configured so that the "Traffic appears from the original client"
regards Marc Grote aka Jens Baier - www.nt-faq.de - www.it-training-grote.de - www.forefront-tmg.de
- Proposed As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Thursday, September 09, 2010 8:16 AM
Thursday, September 09, 2010 3:38 PMMarc, thanks very much for your helpful response. I did discover that applying SP1 apparently enables the Web Proxy Filter, which we had intentionally disabled. I was able to return to normal operation by disabling the Web Proxy Filter.
- Marked As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Friday, September 10, 2010 2:53 AM