none
TMG Block access to intranet web page

    Question

  • Hi

    I can't reach intranet web page.

    TMG returns an error

    Error Code: 502 Proxy Error. Forefront TMG denied the specified Uniform Resource
    Locator (URL). (12202)

    When I use TMG client he erares all exception in IE - Internet options - Lan Settings - advanced - exception

    I configure exception on TMG internal network, web browser.

    I checked Bypass proxy for web servers in this network, Directly access computers specified in the Domains tab, Directly access computers specified in the addresses tab.

    I added LAN address in exception.

    I have TMG 2010 SP1 and Software Update 1 Rollup 4


    Best regards
    Dubravko Marak
    MCP
    Blog: Windows Server Administration
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, March 21, 2012 11:49 AM

Answers

  • Here is solution that works for me

    I must configure WPAD ang configure client to automaticaly detect settings

    Now intranet pages is working :)


    Best regards
    Dubravko Marak
    MCP
    Blog: Windows Server Administration
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, April 11, 2012 2:22 PM

All replies

  •  

    Hi,

    Thank you for the post.

    What is your network topology? If the internal client access intranet web page, the traffic will bypass TMG server.

    Regards,


    Nick Gu - MSFT

    Thursday, March 22, 2012 8:15 AM
    Moderator
  • This is by design. TMG will block access to internal websites unless specifically configured not to.

    An internal client accessing an internal website via your internet proxy is not normally desired behaviour. You want to investigate why that is happening.

    Likely the TMG Client is not configured correctly. Make sure the internal network properties for Web Browser are set correctly, and that you complete the Addresses and Domains tabs as well.

    • Proposed as answer by rt3465345 Tuesday, March 27, 2012 7:42 PM
    • Unproposed as answer by Dubravko MarakMVP Wednesday, March 28, 2012 8:41 AM
    Saturday, March 24, 2012 11:16 PM
  • Hi

    TMG is my EDGE firewall

    My Internal properties is configured lile this:

    Intranet address is intranet.mydomain.com

    In Domains tab I put *.mydomain.com

    I create web listener and publish web page from internal to internal

    After this I have better results. From TMG I have access to intranet web page when i type http://intranet.mydomain.com and from clients i have acces ONLY when i type htp://intranet.

    I must have access from clients typing http://intranet.mydomain.com

    I have this problem with  ALL intranet sites (web interfaces of printers etc.), and I want to all my clients use TMG client


    Best regards
    Dubravko Marak
    MCP
    Blog: Windows Server Administration
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, March 28, 2012 8:48 AM
  • And here is Address tab


    Best regards
    Dubravko Marak
    MCP
    Blog: Windows Server Administration
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, March 28, 2012 8:49 AM
  •  

    Hi,

    Thank you for the update.

    If you want the web proxy clients by pass the ISA Server, please refer to the following links:

    http://blogs.technet.com/b/sooraj-sec/archive/2010/06/19/by-pass-isa-tmg-server-part1.aspx

    http://blogs.technet.com/b/sooraj-sec/archive/2010/06/20/by-pass-isa-tmg-server-part-2.aspx

    Regards,


    Nick Gu - MSFT

    Thursday, March 29, 2012 8:35 AM
    Moderator
  •  

    Hi,

    Thank you for the update.

    If you want the web proxy clients by pass the ISA Server, please refer to the following links:

    http://blogs.technet.com/b/sooraj-sec/archive/2010/06/19/by-pass-isa-tmg-server-part1.aspx

    http://blogs.technet.com/b/sooraj-sec/archive/2010/06/20/by-pass-isa-tmg-server-part-2.aspx

    Regards,


    Nick Gu - MSFT

    Hi Nick Gu

    I know this, but....

    I want to use firewall client for all users. But firewall cliend erases all exception settings in IE. I know that i have solution to control proxy using GPO, but im my case I want to use firewall client instead.


    Best regards
    Dubravko Marak
    MCP
    Blog: Windows Server Administration
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Thursday, March 29, 2012 1:50 PM
  • Here is solution that works for me

    I must configure WPAD ang configure client to automaticaly detect settings

    Now intranet pages is working :)


    Best regards
    Dubravko Marak
    MCP
    Blog: Windows Server Administration
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, April 11, 2012 2:22 PM