Enterprise Software Thread, TMG 2010: Someone Find me Something High to Jump Off in Technical; Right, after careful consideration and several months of troubleshooting I have decided that Microsoft TMG 2010 is an abortion of ...
6th December 2011, 11:41 AM #1
TMG 2010: Someone Find me Something High to Jump Off
Right, after careful consideration and several months of troubleshooting I have decided that Microsoft TMG 2010 is an abortion of of product and MS should have decided to kill the line before releasing it.
I have tried it on a 2008 R2 VM, 2008 R2 physical host, 2008 physical host and reset it up a few times. Disables all inspection rules, gave it more RAM, implemented extencive logging rules etc.
Stupidly I still can't pin down the problems 100% to the dirty TMG box as there is a switch or two in the way that are dodgey but it seems to be the prolem of TMG.
Symptoms, continuously dropping packets and choking out internet connections for single clients for up to 15 minutes despite killing off flood mitigation settings and installing every hotfix avalible.
Balmer needs to be hit with his own flying chair, removing features from products and releasing tripe like TMG. If I can finally 100% pin it down to TMG I am going to push MS to refund our Volume liscence of it.
6th December 2011, 12:06 PM #2
BOOM - it's rubbish.
Apparently it works much better if your gateway address is the first address on it's subnet (eg. x.x.x.1 ) - so all you've gotta do is rebuild your network architecture ;-)
This terrible product caused us to remove all microsoft firewalls from edge roles, and we'd been ISA totally before that
Thanks to Domino from:
SYNACK (6th December 2011)
6th December 2011, 12:14 PM #3
Interesting, back to ISA for us now till we get some form of replacement or MS releases their new OS with it built in (hopefully having it built in will mean that it will actually work with the OS.
Their team must have accidentally overshot the Balmer Peak:
xkcd: Ballmer Peak
Unfortuantly at our cost.
Thanks to SYNACK from:
sparkeh (6th December 2011)
6th December 2011, 12:43 PM #4
Has there been any formal annoucement on the future of TMG? I think there were reports or rumors that this may be the last version of TMG/ISA. There's also been a lot of speculation that the product might be integrated with the server product and if so it may as simple as adding a role.
6th December 2011, 12:55 PM #5
Still speculation but that is what I think will probably happen as above. If not I have about 0 goodwill left towards the product so they can stick it if it is not implemented in a working fashion and free. If they want me to pay more for UAG or something they can get so jumped...
Originally Posted by spc-rocket
6th December 2011, 01:18 PM #6
Just to add my 2p - we have, use and love TMG 2010
Looks after our web filter, in trainsit AV scanning, SSTP VPN and handles the firewall for various other things.
Runs on a Hyper-V virtual machine and works a treat with an average usage of about 6GB RAM.
A few little things - have you checked the NIC drivers on your Virtual Host? Check they are up to date and consider having a play around with some of the driver settings.
6th December 2011, 01:26 PM #7
Yes to all of the above, different drivers, different driver setting, tweaking synthetic buffers under Hyper-V, disabling all TCP offloading etc. etc. etc. Its weird, it seems to work for some places but be completely hapless and hopeless in others Unfourtunatly for us we are one of the latter. I have two other sites that are still working great on ISA and I have no intention of 'upgrading' them to the flakey cack that is TMG. Chances are they may work fine but I don't want to risk another disaster like the current implementation.
Originally Posted by jamesfed
Interestingly this is the same place that had epic problems with a squid proxy that would not handle more than 20 SSL connections at once. I think the place is just cursed.
Last edited by SYNACK; 6th December 2011 at 01:31 PM.
6th December 2011, 01:29 PM #8
Oh I thought it was done and dusted that TMG 2010 was to be the last release.
Apparently MS confirmed this with Gartner is one of its reports: Deb Shinder Blog » Blog Archive » Death of TMG?
I think I also remember reading that a lot of the staff working on TMG were redeployed in MS.
edit: must admit though there doesn't seem to be any official confirmation of this from MS.
Last edited by sparkeh; 6th December 2011 at 01:34 PM.
6th December 2011, 01:31 PM #9
Since we are on the subject we have ISA 2006 running currently and was considering "updating" to TMG but since it doesn't seem to be held in high regard...... What are the recommended alternatives ?
6th December 2011, 01:32 PM #10
Depends - what are you using it for?
6th December 2011, 01:33 PM #11
It should never have been 'released'. I think that it definatly is the last release of the product line but the future of the featureset has not been determined.
Originally Posted by sparkeh
6th December 2011, 01:35 PM #12
I believe the current speculation is that it will be rolled into the next release of Windows Server...
Originally Posted by SYNACK
6th December 2011, 02:02 PM #13
Have you checked the basement for an Indian burial ground? These things can easily be overlooked.
Originally Posted by SYNACK
6th December 2011, 02:06 PM #14
With the amount of weird BS that happens at that site I think it may be the burial ground of a tribe of witch doctors or the antichrist itself. Even the doors are evil.
Originally Posted by TechMonkey
6th December 2011, 02:07 PM #15
Or a gateway to Hell? Both need firewalling...
Originally Posted by TechMonkey
By ryan_hooper in forum Windows
Last Post: 18th March 2012, 10:14 PM
By RobFuller in forum Hardware
Last Post: 20th May 2010, 11:28 AM
By pritchardavid in forum Coding
Last Post: 8th October 2009, 11:36 PM
Last Post: 2nd April 2009, 01:00 AM
By sidewinder in forum General Chat
Last Post: 13th June 2007, 11:45 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread