I have a strange and intermittent problem. I use Forefront TMG 2010 to publish Exchange 2010 (using separate rules for webmail, Active Sync, and Outlook anywhere + autodiscover. Normally this works correctly but we have instances where traffic is being dropped by TMG, but at the very same time, traffic from other networks into the same TMG are working correctly.

So I get a complaint from one user located somewhere that whenever he tries to reach the webmail URL he gets " internet explorer cannot display the page", whilst at the very same time, I am able to access OWA from my home, when using my phone and even from the office. Now if troubleshooting the issue, and using TMG's log I can see that from the IP address at which the complaining users is at, packets are being dropped with messages similar to :

0x80074e21 FWX_E_ABORTIVE_SHUTDOWN

Whilst at the very same time, people from other locations have no problems whatsoever to reach the very same published website. The only fix is to restart the Microsoft Forefront firewall, after the recycle of this service connectivity is restored for the complaining user.

Hi,

Thank you for the post.

According to the error message, it looks like traffic is not reaching completely. I suspect this issue is related to client side. Is there any firewall or antivirus software installed on the client? if you disable them and see if the same behavior.

Regards,

Ok,

Now please explain to me how at the EXACT same time, other people using other networks are having no problems, and then explain to me how I can see the affected client IP being dropped by the firewall, and after a restart of the Forefront firewall service, these clients can indeed make a connection again. (witout any changes on the client side )

I have the exact same thing happen on two separate locations, with two separate businesses.

It is quite clearly NOT a client side issue, it is forefront that is causing the problem.

Now any more ideas ?

Did you receive any ideas which solved the problem? Because we see somewhere similar problems with TMG and OWA.

Once in a while only OWA and Outlook Anywhere traffic is dropped by the TMG from external, while all other traffic (including http/https to other services) is processed according to the rules. We tried disabling/reenabling the rules, but without success. Only a reboot of the firewall service of the TMG (or the TMG as whole) solves te problem.

The TMG log shows the following:

Status: A connection was abortively closed after one of the peers sent an RST packet. (0x80074e21 FWX_E_ABORTIVE_SHUTDOWN)

Anyone?

We tried disabling/reenabling the rules, but without success. Only a reboot of the firewall service of the TMG (or the TMG as whole) solves te problem.

Above statement was incorrect. Before we did a restart within 10 minutes after noticing that disabling/reenabling didn't work.

Now I disabled all the OWA/Outlook Anywhere rules > Sync Configuration > Reenable all same rules > Sync Configuration > WAIT 15 minutes and it magically started to work again...

Hi, did you manage to solve that problem? I have been having exactly the same issue for a couple of months now

I am having the same problem only with HTTP to HTTPs web access. We have two TMG servers that run in a HA LB pair. It appears this only happens on one of the TMG servers. After restarting the firewall service on the faulty TMG the problem was resolved. I assume the problem will come back though. Has anyone found out a solution for this?

Can you please tell me , how many TMG servers you have? are they NLBed? (Possibly one has problem and other has not?)

What about other applications published through TMG? Do they have same problem?

Have you got any network capture when problem happened? 

What about messages in Alerts Tab of TMG? 

We are experiencing the same issue. It's not only related to Exchange sites published, but also TFS website. Increasing different kind of TMG "allowed connections" limits didn't resolved the issue. We are talking about trivial configuration with just one TMG. No related Alert's on TMG dashboard.

Anyone?

• Edited by Vladimir Usov 5 hours 9 minutes ago

We are experiencing the same issue. It's not only related to Exchange sites published, but also TFS website. Increasing different kind of TMG "allowed connections" limits didn't resolved the issue. We are talking about trivial configuration with just one TMG. No related Alert's on TMG dashboard.

Anyone?

• Edited by Vladimir Usov Monday, February 09, 2015 6:32 AM

We are experiencing the same issue. It's not only related to Exchange sites published, but also TFS website. Increasing different kind of TMG "allowed connections" limits didn't resolved the issue. We are talking about trivial configuration with just one TMG. No related Alert's on TMG dashboard.

Anyone?

• Edited by Vladimir Usov Monday, February 09, 2015 6:32 AM