FOREFRONT TMG 2010 with apple

Posted on 2012-08-29
Last Modified: 2012-08-30
Hello everybody,

I have installed a Windows server 2008 with FOREFRONT TMG 2010 and I have some problem with Itune and Iphone devices. I have configure my FOREFRONT with windows autentication (NTLM) all works very fine with microsoft clients, but when they want to get access on itunes an authentication pop-up with credential appear even they tip credential the pop-up appear again and again...
I have the same problems with iphones devices when they want to get internet with safari browser or mail on an exchange server.

Do you have any ideas to resolve that?

Thanks a lot
Question by:admininfo
    LVL 19

    Expert Comment

    Some software (I had identical issue with iTunes) does not expose user identity to TMG. When User1 runs IE, IE "tells" TMG User1 is running IE and as a result TMG allows User1 to browse the Internet. When User1 runs iTunes, iTunes "does not tell" TMG who is using iTunes and as a result TMG asks for credentials.
    The fastest solution is assigning a fix IP (with a reservation) to the client and allowing it anonymous browsing ("All Users" condition).
    Let me know.

    Author Comment

    It is ok for Itunes and Iphone but an other problem appear... I use the add-on Bandwidth Splitter and as you explain me I have mase an anoymous rules but in the monitoring of Bandwidth Splitter I want the Windows logins in the logs...  And with this rule I can't have nt account of all my users...

    Thanks for your help.
    LVL 19

    Expert Comment

    Glad to know you use Bandwidth Splitter (from now on BS). It is a nice product indeed.
    Well, it depends which is the number of clients that use software that does not expose identity to TMG (such as iTunes).
    For example: if you have 100 clients and 5 of these use iTunes, you'll get reports from BS about 95 users and 5 clients. You know that these 5 clients are used only by 5 users, don't you? You don't need to set TMG to allow anonymous traffic ("All Users") to all clients; just set it to the 5 affected clients.
    On the contrary, if all clients use iTunes, BS reports will include only clients traffic.

    I'm afraid there's no other solution. I've tried almost everything with iTunes/TMG and only anonymous traffic worked out.

    Author Comment

    That is the problem all my client use Itunes :( maybe I will try surfcop
    Thanks  lot
    LVL 19

    Accepted Solution

    You are welcome.
    If I did help, kindly close the question.
    If I did not help, kindly delete the question.
    Thank you.

    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Suggested Solutions

    #Citrix #Internet Explorer #Enterprise Mode #IE 11 #IE 8
    This is a short article about OS X KeRanger, and what people can do to get rid of it.
    Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
    How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now