Forefront TMG dropping TSP traffic

  • Question

  • We have UAG and TMG installed on the same server.

    DA clients are getting dropped for RTSP traffic.

    By running logging on TMG we see

    Log Type-Firewall service.

    Status- Network Rule does not allow connection required.

    Source-External IP of DA client

    Destination -External IP

    Protocol - RTSP.

    I created a rule with protocol RTSP, source External, destination External to allow access.

    Still no go. Do we need to update the GPO on the DC and on the client for this to work?

    Thursday, March 14, 2013 4:46 AM

All replies

  • HELP!!!!!!!!!

    Thursday, March 14, 2013 3:04 PM
  • TMG exists on a UAG box to protect the box from external attacks, but it is not monitoring or modifying the traffic that comes from the DA clients through the IPsec tunnels. When you say you have UAG and TMG installed on the same server, do you just mean that you see them both installed? Or have you made modifications to TMG as if it were its own firewall? The UAG install comes with TMG, but it is not supported to use TMG as its own product on a UAG box.

    If the DA clients are trying to hit something directly on the external interface of the UAG box that TMG is seeing, it could be that the traffic isn't going inside the IPsec tunnels for some reason...? Is it possible that some rule in the NRPT is excluding traffic from the DA tunnels and that is causing this traffic? I may not be 100% clear on the situation you are seeing.

    Thursday, March 14, 2013 5:46 PM