+ Post New Thread
Results 1 to 1 of 1
Internet Related/Filtering/Firewall Thread, TMG 2010 unexpected results in Technical; I've got a TMG 2010 box here that acts as our firewall. Basically all web access goes through a smoothwall ...
  1. #1

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18

    TMG 2010 unexpected results

    I've got a TMG 2010 box here that acts as our firewall. Basically all web access goes through a smoothwall box and out to the LEA and the TMG box is the default gateway for the other access (local LEA and similar)

    We mainly use this to allow access to specific sites on the LEA's subnets (websites that are effectively internal but not on our network)

    The primary rule to do this is to Allow access for the internal network to the specified subnets (the LEAs) for HTTP/S and PING etc. This works fine and as expected.

    However when I run the Traffic Simulator and test whether it would allow access to www.madeupsite.com or any actual website it says the above rule matches the packet and allows it!

    Am I missing something here? With this one rule the destinations are explicitly set to the LEAs server addresses, yet any website 'passes' on this rule! This is the only rule in place as the next rule is the default 'Deny All', the logging actually shows my Allow rule is allowing the access based on a packet match:

    "The rule Allow local Bypass matches the packet. The packet is allowed."

    So TMG is saying it would allow access based on the fact it matches on HTTP, even though the destination does not match? I thought the rule had to match everything to be allowed?

    EDIT: After staring at this for hours I've realised it was all down to a typo!!!
    Last edited by GoldenWonder; 14th March 2011 at 02:50 PM.

SHARE:
+ Post New Thread

Similar Threads

  1. TMG 2010
    By kevin_lane in forum Enterprise Software
    Replies: 1
    Last Post: 26th February 2011, 10:03 PM
  2. Problem with forefront tmg 2010
    By flaviorodrigues in forum Wireless Networks
    Replies: 1
    Last Post: 25th February 2011, 06:32 PM
  3. TMG 2010 Proxy Authentication
    By localzuk in forum Internet Related/Filtering/Firewall
    Replies: 1
    Last Post: 4th November 2010, 10:37 AM
  4. TMG 2010 URL Filtering
    By GoldenWonder in forum Internet Related/Filtering/Firewall
    Replies: 11
    Last Post: 14th October 2010, 11:06 AM
  5. TMG 2010 publishing
    By localzuk in forum Windows Server 2008 R2
    Replies: 5
    Last Post: 27th September 2010, 01:11 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •