+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 23
Enterprise Software Thread, TMG 2010: Someone Find me Something High to Jump Off in Technical; Right, after careful consideration and several months of troubleshooting I have decided that Microsoft TMG 2010 is an abortion of ...
  1. #1

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,143
    Thank Post
    863
    Thanked 2,695 Times in 2,285 Posts
    Blog Entries
    9
    Rep Power
    772

    Angry TMG 2010: Someone Find me Something High to Jump Off

    Right, after careful consideration and several months of troubleshooting I have decided that Microsoft TMG 2010 is an abortion of of product and MS should have decided to kill the line before releasing it.

    I have tried it on a 2008 R2 VM, 2008 R2 physical host, 2008 physical host and reset it up a few times. Disables all inspection rules, gave it more RAM, implemented extencive logging rules etc.

    Stupidly I still can't pin down the problems 100% to the dirty TMG box as there is a switch or two in the way that are dodgey but it seems to be the prolem of TMG.

    Symptoms, continuously dropping packets and choking out internet connections for single clients for up to 15 minutes despite killing off flood mitigation settings and installing every hotfix avalible.

    Balmer needs to be hit with his own flying chair, removing features from products and releasing tripe like TMG. If I can finally 100% pin it down to TMG I am going to push MS to refund our Volume liscence of it.

  2. #2

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,137
    Thank Post
    215
    Thanked 1,259 Times in 790 Posts
    Blog Entries
    4
    Rep Power
    507
    BOOM - it's rubbish.

    Apparently it works much better if your gateway address is the first address on it's subnet (eg. x.x.x.1 ) - so all you've gotta do is rebuild your network architecture ;-)

    This terrible product caused us to remove all microsoft firewalls from edge roles, and we'd been ISA totally before that

  3. Thanks to Domino from:

    SYNACK (6th December 2011)

  4. #3

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,143
    Thank Post
    863
    Thanked 2,695 Times in 2,285 Posts
    Blog Entries
    9
    Rep Power
    772
    Interesting, back to ISA for us now till we get some form of replacement or MS releases their new OS with it built in (hopefully having it built in will mean that it will actually work with the OS.

    Their team must have accidentally overshot the Balmer Peak:

    xkcd: Ballmer Peak

    Unfortuantly at our cost.

  5. Thanks to SYNACK from:

    sparkeh (6th December 2011)

  6. #4

    Join Date
    Oct 2005
    Location
    East Midlands
    Posts
    738
    Thank Post
    17
    Thanked 105 Times in 65 Posts
    Rep Power
    37
    Hi SYNACK

    Has there been any formal annoucement on the future of TMG? I think there were reports or rumors that this may be the last version of TMG/ISA. There's also been a lot of speculation that the product might be integrated with the server product and if so it may as simple as adding a role.

    Ash.

  7. #5

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,143
    Thank Post
    863
    Thanked 2,695 Times in 2,285 Posts
    Blog Entries
    9
    Rep Power
    772
    Quote Originally Posted by spc-rocket View Post
    Hi SYNACK

    Has there been any formal annoucement on the future of TMG? I think there were reports or rumors that this may be the last version of TMG/ISA. There's also been a lot of speculation that the product might be integrated with the server product and if so it may as simple as adding a role.

    Ash.
    Still speculation but that is what I think will probably happen as above. If not I have about 0 goodwill left towards the product so they can stick it if it is not implemented in a working fashion and free. If they want me to pay more for UAG or something they can get so jumped...

  8. #6
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,202
    Thank Post
    137
    Thanked 342 Times in 289 Posts
    Rep Power
    86
    Just to add my 2p - we have, use and love TMG 2010

    Looks after our web filter, in trainsit AV scanning, SSTP VPN and handles the firewall for various other things.

    Runs on a Hyper-V virtual machine and works a treat with an average usage of about 6GB RAM.

    A few little things - have you checked the NIC drivers on your Virtual Host? Check they are up to date and consider having a play around with some of the driver settings.

  9. #7

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,143
    Thank Post
    863
    Thanked 2,695 Times in 2,285 Posts
    Blog Entries
    9
    Rep Power
    772
    Quote Originally Posted by jamesfed View Post
    Just to add my 2p - we have, use and love TMG 2010

    Looks after our web filter, in trainsit AV scanning, SSTP VPN and handles the firewall for various other things.

    Runs on a Hyper-V virtual machine and works a treat with an average usage of about 6GB RAM.

    A few little things - have you checked the NIC drivers on your Virtual Host? Check they are up to date and consider having a play around with some of the driver settings.
    Yes to all of the above, different drivers, different driver setting, tweaking synthetic buffers under Hyper-V, disabling all TCP offloading etc. etc. etc. Its weird, it seems to work for some places but be completely hapless and hopeless in others Unfourtunatly for us we are one of the latter. I have two other sites that are still working great on ISA and I have no intention of 'upgrading' them to the flakey cack that is TMG. Chances are they may work fine but I don't want to risk another disaster like the current implementation.

    Interestingly this is the same place that had epic problems with a squid proxy that would not handle more than 20 SSL connections at once. I think the place is just cursed.
    Last edited by SYNACK; 6th December 2011 at 12:31 PM.

  10. #8

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,746
    Thank Post
    1,275
    Thanked 1,651 Times in 1,106 Posts
    Blog Entries
    22
    Rep Power
    506
    Oh I thought it was done and dusted that TMG 2010 was to be the last release.

    Apparently MS confirmed this with Gartner is one of its reports: Deb Shinder Blog » Blog Archive » Death of TMG?

    I think I also remember reading that a lot of the staff working on TMG were redeployed in MS.

    edit: must admit though there doesn't seem to be any official confirmation of this from MS.
    Last edited by sparkeh; 6th December 2011 at 12:34 PM.

  11. #9
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,002
    Thank Post
    120
    Thanked 282 Times in 260 Posts
    Rep Power
    108
    Since we are on the subject we have ISA 2006 running currently and was considering "updating" to TMG but since it doesn't seem to be held in high regard...... What are the recommended alternatives ?

  12. #10

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,137
    Thank Post
    215
    Thanked 1,259 Times in 790 Posts
    Blog Entries
    4
    Rep Power
    507
    Depends - what are you using it for?

  13. #11

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,143
    Thank Post
    863
    Thanked 2,695 Times in 2,285 Posts
    Blog Entries
    9
    Rep Power
    772
    Quote Originally Posted by sparkeh View Post
    Oh I thought it was done and dusted that TMG 2010 was to be the last release.

    Apparently MS confirmed this with Gartner is one of its reports: Deb Shinder Blog » Blog Archive » Death of TMG?
    It should never have been 'released'. I think that it definatly is the last release of the product line but the future of the featureset has not been determined.

  14. #12

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,746
    Thank Post
    1,275
    Thanked 1,651 Times in 1,106 Posts
    Blog Entries
    22
    Rep Power
    506
    Quote Originally Posted by SYNACK View Post
    It should never have been 'released'. I think that it definatly is the last release of the product line but the future of the featureset has not been determined.
    I believe the current speculation is that it will be rolled into the next release of Windows Server...

  15. #13

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,286
    Thank Post
    225
    Thanked 405 Times in 302 Posts
    Rep Power
    162
    Quote Originally Posted by SYNACK View Post

    Interestingly this is the same place that had epic problems with a squid proxy that would not handle more than 20 SSL connections at once. I think the place is just cursed.
    Have you checked the basement for an Indian burial ground? These things can easily be overlooked.

  16. #14

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,143
    Thank Post
    863
    Thanked 2,695 Times in 2,285 Posts
    Blog Entries
    9
    Rep Power
    772
    Quote Originally Posted by TechMonkey View Post
    Have you checked the basement for an Indian burial ground? These things can easily be overlooked.
    With the amount of weird BS that happens at that site I think it may be the burial ground of a tribe of witch doctors or the antichrist itself. Even the doors are evil.

  17. #15

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,137
    Thank Post
    215
    Thanked 1,259 Times in 790 Posts
    Blog Entries
    4
    Rep Power
    507
    Quote Originally Posted by TechMonkey View Post
    Have you checked the basement for an Indian burial ground? These things can easily be overlooked.
    Or a gateway to Hell? Both need firewalling...

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 14
    Last Post: 18th March 2012, 09:14 PM
  2. Dell - is it to hard to sell me something?
    By RobFuller in forum Hardware
    Replies: 5
    Last Post: 20th May 2010, 10:28 AM
  3. Can someone design me something please
    By pritchardavid in forum Coding
    Replies: 17
    Last Post: 8th October 2009, 10:36 PM
  4. Replies: 3
    Last Post: 2nd April 2009, 12:00 AM
  5. Replies: 2
    Last Post: 13th June 2007, 10:45 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •