[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Forefront TMG 2010 Troubleshooting Tools

Published on
14,613 Points
2 Endorsements
Last Modified:
Community Pick
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the initiated or trained, looking at the log files or reading the output from a set of trace files created from the 'repro' tool within the best practice analyser is sufficient; and fairly easy to do if you understand what you are looking at.

For the less knowledgeable - or for those who do not have the time to deep-dive and work it out for themselves - there is diagnostic logging, a new option that works really well in Forefront TMG 2010.

This brief article walks through the diagnostic logging routine and brings together a sample view of what can be picked up from it including the sequencing of events.

Diagnostic logging is disabled by default - it stands to reason that it takes up a fair bit of processing power and storage so should only be used when troubleshooting a specific issue rather than leaving it running all the time.

To enable the function, open the FTMG GUI, select Troubleshooting and then the Diagnostic Logging tab along the top on the right-hand-side.  Open the task pane on the far right and click enable diagnostic logging.

FTMG will now commence its inspection of events that take place and attempt to put them into an intelligible framework but note that you will NOT see anything appear on the screen. It is also noteworthy that you should try and undertake this activity when normal traffic is light or even out of normal working hours, if possible. In the meantime, try and recreate the event that you are trying to investigate or the scenario that you wish to be enlightened on. Once recreation has taken place or, after a short period of time driven by your storage really, disable the diagnostic logging option. Again, nothing will appear on the screen at this time, everything is held in the log ready for recall.

Click Show All then stand back..... you should now be looking at a fairly lengthy output of events that the FTMG server has undertaken during that period.

I have attached a Word document that contains a number of screenshots of these steps and some sample test-bed outputs for convenience.

Featured Post

Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Join & Write a Comment

Key to your CPU's ability to stay cool is to use the right amount of thermal paste and apply it correctly. In other words you want as much thermal conductivity between CPU and the cooling block. Use a quality thermal paste and apply it in a manner…
Watch this online video tutorial and learn the best way to reduce Outlook mailbox size using Compact Now feature of Outlook. It removes the deletes item's space from Microsoft Outlook 2016, 2013, and 2010 and compresses the PST file size. This will …

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month