none
Forefront TMG 2010 Google search error RRS feed

  • Question

  • I have Forefront Tmg 2010 installed with https inspection and url filtering. Recently i noticed a strange problem, when i try a google search with the following keyword " xp_cmdshell enable " i don't get any result and in the forefront monitor i get the following errors:

    Failed Connection Attempt TMG 4/29/2011 2:36:32 PM Log type: Web
    > Proxy
    > (Forward)
    > Status: 10060 A connection attempt failed because the connected party
    > did not properly respond after a period of time, or established
    > connection failed because connected host has failed to respond.
    > Rule: Allow Web Access for All Users
    > Source: Internal (192.168.0.52:60216)
    > Destination: Perimeter (209.85.149.147:80)
    > Request: GET
    > http://www.google.com/search?q=xp_cmdshell&ie=utf-8&oe=utf-
    > 8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
    > Filter information: Req ID: 0afdc215; Compression: client=No,
    > server=Yes, compress rate=0% decompress rate=0%
    > Protocol: http
    > User: anonymous
    >  Additional information
    > Client agent: Mozilla/5.0 (Windows NT 6.1; rv:2.0) Gecko/20100101
    > Firefox/4.0 Object source: Internet (Source is the Internet. Object
    > was added to the cache.) Cache info: 0x0 Processing time: 19095 MIME type:
    >
    > Allowed Connection TMG 4/29/2011 2:36:33 PM Log type: Web Proxy
    > (Forward)
    > Status: 200 OK.
    > Rule: Allow Web Access for All Users
    > Source: Internal (192.168.0.52:60216)
    > Destination: Perimeter (209.85.149.147:80)
    > Request: GET http://www.google.com/favicon.ico Filter information: Req ID:
    > 0afdc2c6; Compression: client=No, server=Yes, compress rate=0%
    > decompress rate=0%
    > Protocol: http
    > User: anonymous
    >  Additional information
    > Client agent: Mozilla/5.0 (Windows NT 6.1; rv:2.0) Gecko/20100101
    > Firefox/4.0 Object source: Internet (Source is the Internet. Object
    > was added to the cache.) Cache info: 0x41a20000 (Response includes the
    > CACHE-CONTROL: PRIVATE header. Response includes the CACHE-CONTROL:
    > MAX-AGE or S-MAXAGE header. Response includes the LAST-MODIFIED
    > header. Response includes the EXPIRES header. Response should not be
    > cached.)
    >
    > Processing time: 624 MIME type: image/x-icon
    >
    >
    > Failed Connection Attempt TMG 4/29/2011 2:36:33 PM Log type: Web
    > Proxy
    > (Forward)
    > Status: 10060 A connection attempt failed because the connected party
    > did not properly respond after a period of time, or established
    > connection failed because connected host has failed to respond.
    > Rule: Allow Web Access for All Users
    > Source: Internal (192.168.0.52:60215)
    > Destination: Perimeter (209.85.147.102:80)
    > Request: GET
    > http://suggestqueries.google.com/complete/search?output=firefox&client
    > =firefox&
    > hl=en-GB&q=xp_cmdshell
    > Filter information: Req ID: 0afdc1f5; Compression: client=No,
    > server=Yes, compress rate=0% decompress rate=0%
    > Protocol: http
    > User: anonymous
    >  Additional information
    > Client agent: Mozilla/5.0 (Windows NT 6.1; rv:2.0) Gecko/20100101
    > Firefox/4.0 Object source: Internet (Source is the Internet. Object
    > was added to the cache.) Cache info: 0x0 Processing time: 21497 MIME type:


    • Edited by front242 Monday, May 9, 2011 6:47 AM
    Tuesday, May 3, 2011 8:26 AM

Answers

All replies

  • Hi,

     

    Thank you for the post.

     

    Does this issue occur to all the sites? Actually, error 10060 is a timeout which usually means that TMG sent a SYN packet and did not get any reply. Please check the upstream firewall, it is usually the one dropping the connections.

     

    Regards,

     


    Nick Gu - MSFT
    Thursday, May 5, 2011 5:14 AM
    Moderator
  • This error occur only when i try a search in Google, Bing or Yahoo with the specific keyword xp_cmdshell enable. If i try to search anything else i get results normaly. 


    Thursday, May 5, 2011 7:00 PM
  • Finally the problem wasn't related with TMG
    Friday, May 6, 2011 3:41 PM