Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 858
  • Last Modified:

TMG stops responding.

I have a TMG configured as edge firewall internal and external network after a day or to day it stops responding I cannot ping it and when try to login locally it hangs at welcome screen but when I plug cable out and in from external and internal network it works again or I can restart TMG then it works again (it run fine for about 1 to 3 days) I also reloaded TMG installed all latest updates and made firmware upgrade on server.
HP Dl 380 G5
6GB RAM
Dual Core CPU
Windows 2008R2
I’m running out of ideas any advice
0
jacksch4820
Asked:
jacksch4820
  • 4
  • 4
2 Solutions
 
BawerCommented:
Had similar issue and found that rules were not configured correctly, please let me know about the rules.
0
 
Suliman Abu KharroubIT Consultant Commented:
Any alerts in the monitoring tab ? like sync attack.
0
 
jacksch4820Author Commented:
Please see attachment for rules.
After reloading TMG I did not import any rules from backup setup rules manually again.
No alerts in the monitoring tab like sync attack.
TMG-Rules.jpg
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
BawerCommented:
Download IsaBPA and see what alerts does it shows ?
Does it show any alert on MS server "event viewer" ?
0
 
jacksch4820Author Commented:
No errors in MS event viewer
Only error I get in IsaBPA is:
The security descriptor of a logging folder does not grant sufficient rights.

I disabled safeseach and removed the access rule I also disabled flood migration.
Will monitor again and see.
Any other ideas
0
 
BawerCommented:
Good have you modified any user right over C:\ drive ?
0
 
jacksch4820Author Commented:
no
0
 
BawerCommented:
1. ( http://blogs.technet.com/b/isablog/archive/2008/09/08/isa-administrative-roles-ntfs-and-registry-permissions.aspx ) can help you in fixing granting access.

2. go to "sql server configuration manager" then "sql server network configuration"
then "protocols for MSFW" then " TCP/IP" then "Ip Adresses Tab " check whether your TMG ip address matches the value typed in there and as well as do the same steps on "protocols for ISARS" which is below this tab.
0
 
jacksch4820Author Commented:
I notice something interesting yesterday.
I’m running performance monitor and tcpviewer on TMG and a timeless ping to tmg from a workstation.
Yesterday evening I noticed internet did not work for about a 1 minute where I notice internet is not working I RDP to server and swa in tcpviewer  some syn_sent and syn_reciveed I did not see it where internet was working only where internet dropped for about 1 minute rdp session also kind of stop responding for about 5 seconds just black but timeless ping was still running with no problem.
For me it looks like TCP syn Flood nothing in in alert tap on tmg but mitigation flood attack is turned off But where mitigation flood attack was on nothing was in tmg alerts tap about syn.
Log traffic blocked by flood mitigation settings is clicked

Any ideas/advice.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now