I have set up a Forefront TMG 2010 SP1 Update3 enterprise box as a domain member. I use two authentication mechanisms, via source IP (All Users as auth condition) and via Domain Users, to access the Internet and the Perimeter (3-Leg setup). Firewall rules allow all outgoing traffic from LAN to Perimeter. When I try to access the Perimeter and I authenticate traffic by source IP, everything works fine (All Users as authentication condition). But when I use some domain group or user as the auth condition, the firewall drops my NetBIOS traffic with this status in the logs: "The action cannot be performed because the session is not authenticated." But I still have access to the same machine via Remote Desktop. I tried changing the TMG Client properties by enabling authentication for svchost (svchost disable 0) and inserting authentication for explorer; nothing helped. Traffic goes through fine for All Users and is dropped for Domain Users. All other services (HTTP, FTP, RDP) work fine for the same destination.
Thank you in advance