isa & tmg

howto://use TMG 2010 as the Exchange edge transport server

2010-05-07

  In our earlier posts (part one, part two) we performed a simple Exchange server setup for a ‘single-server’ install. We have our addressing policy setup, and can send email out to the world. Now, it’s time to get email IN to our system. Since we use TMG at our perimeter, we’re going to leverage [...]

would you like to know more?

TMG, or UAG: that is the question

2010-01-28

  Whether ’tis nobler in the mind to suffer the slings and arrow of outrageous hackers, or to take arms against a sea of troubles, and by opposing end them? TMG, UAG, which do I want? With their new branding strategy, Microsoft has once again muddied up the waters of their security line to such [...]

would you like to know more?

I hear you knocking but you can’t come in

2010-01-17

  So the situation is you have an FTP client behind your TMG server, trying to connect over FTP to a server on the Internet. Logon looks to be successful, but when you try to do an ls or a dir, you get a 550 response…access denied. If you run a trace on both the [...]

would you like to know more?

Let me out! Configuring outbound access rules in TMG 2010

2010-01-14

When last we discussed TMG 2010, we completed our install and initial configuration, and were permitting outbound HTTP, HTTPS and DNS traffic. While that was a great start, I doubt it was even minutes before you found out how many other protocols you’re using without even noticing it until something blocks it. Remember, TMG is [...]

would you like to know more?

howto://Installing Microsoft Forefront TMG 2010, part two

2010-01-11

Welcome back. In our last post we began our install of TMG 2010. We’ll pick right up with that in just a moment, but in case you didn’t read that one, or just want a summary, here is where we stand. We’ve just completed the install of TMG 2010 Enterprise on a Server 2008 R2 [...]

would you like to know more?

howto://Installing Microsoft Forefront TMG 2010, part one

2010-01-07

TMG 2010 is now available for download from MSDN…let’s kick the tires and light the fires!

would you like to know more?

ISA 2006 makes Firefox cry

2008-07-21

Ok, not really, but I needed a catchy title, no? The situation is this…publish a site through ISA 2006, and redirect all HTTP traffic to HTTPS. In Internet Explorer this works well, but when the client is using Firefox, the redirection is to https://site.example.com:0.What is that :0? Well, IE interprets that as the default port [...]

would you like to know more?

“Did I do that?”-Steve Urkel

2008-01-09

In my continuing discovery of ISA 2006 issues that aren’t documented, I came across an interesting one today. One of two servers in the array was not functioning correctly. The Microsoft Firewall Service would not start, and the Event Log message was less than illuminating. ISA Server could not load the application filter Web Proxy [...]

would you like to know more?

SYN, SYN ACK,…RST. RST? WTF?

2007-12-28

There is a problem with Receive Side Scaling and Windows 2003 SP2, when you are doing one of the following…1) using NAT….nat is what? come on, say it….EVIL!2) you are using ICS.3) you are using the Microsoft Firewall service…like when you are an ISA Server. This will first manifest as REALLY SLOW logins. Then you [...]

would you like to know more?

Importing a certificate with keys into ISA 2006

2007-10-26

Situation: you have a pfx file that contains a certificate and the key pair you wish to use to secure a site. You double click the pfx file to import the certificate and key pair, and all seems to go well. You view the certificate, and you see that you have the private key that [...]

would you like to know more?

Automatically backing up an ISA server’s configuration

2007-10-24

The ISA servers I maintain are hosted at a third party datacenter, which charges a premium for backups. Since the only thing I want to backup from the ISA servers is the ISA configuration, I have just been exporting to an xml and copying it off on occasion. Of course, a manual process is a [...]

would you like to know more?

ISA Server 2006 certificate autoenrollment with online Microsoft CA

2007-10-09

So I have a few Microsoft ISA 2006 servers floating around the environment, and have recently started to deploy a PKI infrastructure, to include an online enterprise root CA in one domain, and enterprise subordinate ca’s for various functions in both the internal and external domain. With the introduction of an enterprise CA, I am [...]

would you like to know more?

← Previous Entries

Next Entries →