locked
VPN access configuration with ForeFront TMG RRS feed

  • السؤال

  • I am trying to configure VPN Client access with ForeFront TMG. When I try to add domain groups to allow access to them, under Group column I can only see the SID of the domain group. And the Domain column ends up empty. ForeFront TMG is joined to the domain.

    Can you think of a reason?

    28/ربيع الثاني/1431 03:00 م

الإجابات

  • Hi Guys,

    Check if the secure channel is intact. See if you are getting any 5719 events.

    Run Netdiag on the machine to check the DNS resolution for SRVs.

    Check if the DNS has the entries of the SRVs.

    Try logging on as another user.

    Create a share on the TMG, give permission only to one user. Now, go to another client and try to access that folder. Try it otherwise too, creating share on client and accessing via ISA Server. This is to test the authentications.


    Regards, Amit Saxena
    • تم وضع علامة كإجابة بواسطة James Kilner 19/شوال/1431 08:00 ص
    28/جمادى الثانية/1431 04:16 م

جميع الردود

  • I am trying to configure VPN Client access with ForeFront TMG. When I try to add domain groups to allow access to them, under Group column I can only see the SID of the domain group. And the Domain column ends up empty. ForeFront TMG is joined to the domain.

    Can you think of a reason?


    Hi,

    have a look at the System policy rule if this rule allows Active Directory access and if the option "enable strict RPC compliance" in the system rule is deactivated.


    regards Marc www.nt-faq.de www.it-training-grote.de www.forefront-tmg.de
    28/ربيع الثاني/1431 06:21 م
  • I can successfully add the domain group to the allowed groups list in VPN Client Access settings window. This means AD access is enabled, right? After I choose the group and click add, the group list only shows the SID of the group, the domain column is empty.
    • تم الاقتراح كإجابة بواسطة Benoit HAMET - MVPMVP 30/جمادى الأولى/1431 09:34 ص
    28/ربيع الثاني/1431 07:09 م
  • Do you see 5719 Netlogon evets in the event logs on TMG Server?


    Regards.
    16/جمادى الأولى/1431 02:49 م
  • Hello

     

    Is your AD domain in 2000 or 2000 mixted mode?

    If so try this fix http://support.microsoft.com/kb/976494

    I had the same issue on Windows 2008 R2 Server on which I tried to install SharePoint 2010


    Senior Solution Architect Capgemini
    • تم الاقتراح كإجابة بواسطة Benoit HAMET - MVPMVP 30/جمادى الأولى/1431 09:36 ص
    30/جمادى الأولى/1431 09:36 ص
  • I have the same problem. I installed fix above, but I have the same problem.

    I am trying to configure VPN Client access with TMG. When I try to add domain groups to allow access to them, under Group column I can only see the SID of the domain group. And the Domain column ends up empty. ForeFront TMG is joined to the domain.

    • تم الاقتراح كإجابة بواسطة JamdownTech 05/ذو القعدة/1431 09:41 ص
    28/جمادى الثانية/1431 10:33 ص
  • Hi Guys,

    Check if the secure channel is intact. See if you are getting any 5719 events.

    Run Netdiag on the machine to check the DNS resolution for SRVs.

    Check if the DNS has the entries of the SRVs.

    Try logging on as another user.

    Create a share on the TMG, give permission only to one user. Now, go to another client and try to access that folder. Try it otherwise too, creating share on client and accessing via ISA Server. This is to test the authentications.


    Regards, Amit Saxena
    • تم وضع علامة كإجابة بواسطة James Kilner 19/شوال/1431 08:00 ص
    28/جمادى الثانية/1431 04:16 م
  • Hi Guys

    Had a similar problem check to see if the RPC Filter is disabled, the RPC filter needs to be enabled for TMG to access Active Directory.

     

    Regards

    05/ذو القعدة/1431 09:51 ص