[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

TMG 2010 Users not authentcating

Posted on 2011-10-11
10
Medium Priority
?
662 Views
Last Modified: 2012-05-12
HI all,

fresh install of TMG 2010, i have changed the "allowed web access for all users" from all users to all authenticate users

under web proxy i have chosen integrated authentication and port 8080
i have set the clients proxy to the firewalls internal card and chose port 8080

i open ie > tmg error requires authentication :S
looking in loogging, user is coming up as anoymous instead of the logged in AD user

anyone know whats happening?
am i missing something out?

Thanks
0
Comment
Question by:awilderbeast
  • 6
  • 4
10 Comments
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36948938
Did you configure the proxy in IE ? or other browser ? IE options

you cant authenticate using a default gateway. not supported.
0
 
LVL 1

Author Comment

by:awilderbeast
ID: 36948941
if i change the rule back to all users, everything works but i arent getting usernames in logging

im trying to update to tmg sp1 see if that solves it!
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36948956
TMG can authenticate only webproxy clients and firewall clients but not secure nat clients.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 1

Author Comment

by:awilderbeast
ID: 36949158
so i have to install the client to be able to use "all authenticated users"?
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36949212
yes, or to fill TMG's internal ip as a browser proxy on port 8080 by default.
0
 
LVL 1

Author Comment

by:awilderbeast
ID: 36949285
ive already done that... :S

all the clients point to this in ie

ok after install of sp1 it seems its working! i can see usersnames and the full sites are there now

do you know of this bug pre sp1?
Capture.PNG
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36951065
Good that you get sorted :)

I had never heard about such bug. It could be something else was casing the issue.
0
 
LVL 1

Author Comment

by:awilderbeast
ID: 36963545
i take it back

have you tried using the autoconfig script feature?
any luck with it?

it only seems to authenticate half my traffic all the other is denied making me unable to browse!
i had to use group policy to set the proxy to the firewalls IP

i would of perfered to be able to use the auto script, do i need to install the TMG client for the autoscript to work?

Thanks
0
 
LVL 1

Accepted Solution

by:
awilderbeast earned 0 total points
ID: 37136890
ive removed the auto script and the auto settings gone back to manually applying via gpo
0
 
LVL 1

Author Closing Comment

by:awilderbeast
ID: 37166402
as above
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question