Hello.

I use a TMG Server and this problem occur on clients. My TMG server run Telegram without any problem.In TMG I use some rules and the PCs that want to use Telegram are NAT (Use a TMG rule that let them connect to internet directly).
This problem suddenly happened :(.

I use Wireshark on my Client and it show me below Picture :

https://ask.wireshark.org/upfiles/wireshark_1S1dX3c.png

Thank you.

Hello, I honestly do not know what you mean by "run Telegram". I have never heard of it. Is that a 3rd party product? What is it supposed to do? The picture you included basically only has one frame which is a Reset. I would need to see more of the conversation and some of the TMG Logging as well. What does your access rule look like?

Hello, I honestly do not know what you mean by "run Telegram". I have never heard of it. Is that a 3rd party product? What is it supposed to do? The picture you included basically only has one frame which is a Reset. I would need to see more of the conversation and some of the TMG Logging as well. What does your access rule look like?

• Proposed as answer by Joyce LMicrosoft contingent staff, Moderator 21 hours 22 minutes ago

Hello, I honestly do not know what you mean by "run Telegram". I have never heard of it. Is that a 3rd party product? What is it supposed to do? The picture you included basically only has one frame which is a Reset. I would need to see more of the conversation and some of the TMG Logging as well. What does your access rule look like?

• Proposed as answer by Joyce LMicrosoft contingent staff, Moderator Thursday, August 06, 2015 9:59 AM

Hello, I honestly do not know what you mean by "run Telegram". I have never heard of it. Is that a 3rd party product? What is it supposed to do? The picture you included basically only has one frame which is a Reset. I would need to see more of the conversation and some of the TMG Logging as well. What does your access rule look like?

• Proposed as answer by Joyce LMicrosoft contingent staff, Moderator Thursday, August 06, 2015 9:59 AM

Hello, I honestly do not know what you mean by "run Telegram". I have never heard of it. Is that a 3rd party product? What is it supposed to do? The picture you included basically only has one frame which is a Reset. I would need to see more of the conversation and some of the TMG Logging as well. What does your access rule look like?

• Proposed as answer by Joyce LMicrosoft contingent staff, Moderator Thursday, August 06, 2015 9:59 AM

Any update on this?

Hello, I honestly do not know what you mean by "run Telegram". I have never heard of it. Is that a 3rd party product? What is it supposed to do? The picture you included basically only has one frame which is a Reset. I would need to see more of the conversation and some of the TMG Logging as well. What does your access rule look like?

I mean is Telegram program for PC and I write a rule in ISA like below. It worked very nice but sometimes have problem and users can't logging into Telegram via PC or Cell phone :(

Any update on this?

I attach a log from TMG too :

Can It because of License? 

It is odd because Cell phones can't open web pages but some applications work :(

What is your idea?

Based on the TMG log you attached I do not see where it is having an issue. Initiated and Closed are normal. I am not seeing a "Failing" or a "Denied". You may want to address that "Resource Allocation Failure" which is usually caused when IIS is running on TMG. If IIS is running on there disable the IIS Service and restart the machine. It should resolve that error. You may also want to reset all those Alerts and see which ones come back.

The only way to really know what is going on is to get a network trace from as many points on the network as possible. So 1.)client 2.) Internal TMG NIC 3.) External TMG NIC would be a good start. Match the network tracing up with TMG logging and see if there is anything odd there. I do not know anything about Telegram or what ports it should be using but based on your Access Rule everything should be going out through TMG as long as they are NAT clients.

It also looks like some devices on your network are triggering Flood Mitigation thresholds. Review those IP addresses and if they are expected to be generating a lot of traffic you may want to add them into Flood Mitigation settings as Exceptions.