Link to home
Create AccountLog in
Avatar of BorgusGroup

asked on

TMG HTTP Latency

I recently moved from ISA 2006 to TMG. Since switching over to TMG, there is a significant performance issue when browsing the web from the clients behind TMG. Whenever opening a browser, it takes a 2 to 5 seconds before the intial page appears. Browsing this page, however, is as fast as it used to be with ISA 2006. Whatever link within the same FQDN will respons as normal. If I open a link on to different FQDN, it will again take a few seconds for the page to appear.

There are no performance issues with this server, there is no packet loss and downloading files is as fast as ever.

It seems TMG is checking the requested URL domain for its validity. This is taking an unacceptably long time. How do I circumvent this? I already tried disabling the Network Inspection and malware protection.

Any sugestions on where to look for this issue would be appreciated.
Avatar of jPDave
Flag of Germany image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of BorgusGroup


Thanks for the tip. I verified this one a few clients. NSLOOKUP returns any new URL instantly. Also DNS structure hasn't changed since migration.

However, the TMG server has 15 NICs ( with 12 virtual NICs for VLANs ) and blocked some of those NICs in the DNS server on TMG. When doing a NSLOOKUP on TMG it times out many times. It seems TMG does verify and requests its own DNS server on NICs that are blocked.

So after unblocking the NICs in DNS for the unused VLANs, the TMG server could resolve faster.

Case closed. Thanks.