Hello, I have installed a pilot for DA with a Windows 2012 r2.

One of the requirements is that the DA need to have Force Tunneling.

Clients have Windows 7 with Internet Explorer 9.

We use TMG as a Proxy.

After some tests, i enabled force tunneling and my test clients can't connect to the internet with Internet Explorer.

If i use Firefox they browse without problems.

Does anyone know how to fix this ?

Regards

 

Another issue,people that use office365, outlook can't connect to the email server.

When i see the Logs

Apear this

A non-SYN packet was dropped because it was sent by a source that does not have an established connection with the Forefront TMG computer.

Hi There Joao - unless there is a specific requirement Microsoft do no really recommend in live deployments of using Force Tunneling - I can give you a list of arguments if needed. Most deployments that I do I implement split tunnelling with enforced proxy using TMG / Bluecoat etc.

If it is an option then use this link for split tunnel with enforced proxy

http://www.concurrency.com/infrastructure/web-filtering-for-directaccess-users-55/

This will alleviate any issues on the force tunnel and would actually improve performance

Kr

Hello

I know, but is a client requirement, because of legal questions.

the weird is that in Firefox and chrome it works. 

regards

Hi Joao - I have seen this before but I am wracking my brains to remember the resolution. Have you tried running fiddler on the client to see what happens which is a great tool for web based troubleshooting. Reading through it appears the TMG is dropping the traffic as it does not trust the source request.

With regards Outlook there is a registry fix if the Outlook Client is reporting as disconnected.

http://directaccessguide.com/2013/11/06/errors-with-outlook-and-directaccess-forced-tunneling/

Please let us know, what do you see in fiddler logs, so that we can take this up further.

Hello

Thanks for the reply.

After i configure ISATAP for the proxy server all begin to work.

Regards