FOREFRONT TMG 2010 CRITICAL ISSUES
Dear all,

I installed and configured the Microsoft Forefront TMG in my company's network. It's been done two weeks ago. Since then, everything is working fine and all intranet computers have worked well.

This is a two NIC server (LAN and WAN on the same machine) and WINDOWS SERVER 2008 R2 OS.

When I ran the Microsoft Forefront Best Practise Analyzer Tool, I got these two critical errors:

FIRST
"Connection to Update Source Failed"

This machine have been upgraded normally from Microsoft Update service, I really do not know the why about this issue.

SECOND
"The primary configuration storage server failed to respond on port 2172"

Thia second issue appears twice on the critical erros listed.

Can you guys help m
January 5th, 2014 3:44pm

Hi,

Thank you for your post

Port 2172 is used as the SSL control channel for authentication to the LDAP ADAM directory used by the Enterprise Management Service.  Since you stated that these are part of a domain, this error is probably benign in that.  So, with that said, lets look at that error and how to troubleshoot it.

1. Use ADSIEdit.MSC to troubleshoot. 

2. For Connection Point, select the radio button for Select or type a Distinguished Name or Naming Context: In the text box, enter (without quotes): cn=fpc2.

3. For Computer, use Select or type a domain or server: (Server|[:port]) and in the text box enter {name or IP address of the EMS server}:2171.

4. If the EMS server is able to be cot acted from the array node, then you will see a successful connect and be able to expand out the LDS tree.

If you are successful in this connection, then there is probably nothing to worry about.  If you cannot, please let me know and we can go about looking at reasons why it is unable to connect.

http://social.technet.microsoft.com/Forums/forefront/en-US/f165648c-50da-485c-a77c-ac21089e08d4/tmgbpa

Additionally, you need to check the system requirement for BPA:

http://www.isaserver.org/articles-tutorials/configuration-general/Microsoft-Forefront-TMG-Best-Practice-Analyzer.html

Best Regards

Quan Gu

Free Windows Admin Tool Kit Click here and download it now
January 6th, 2014 9:40am

Dear Quan Gu

Thank you for your reply.

Sorry, but I'm brand new with Microsoft Forefront TMG. What does EMS stands for?  Is the EMS server my Forefront TMG server?

I tried your steps using the IP 127.0.0.1:2171 as my EMS Server, and it connected and worked as you can see bellow:

Do you think it's all right?

Thank you in advance

January 9th, 2014 1:52am

Hi,

Based on your update, i think it may be  a false positive issue. Does BPA work well?

Best Regards

Quan Gu

Free Windows Admin Tool Kit Click here and download it now
January 9th, 2014 6:21am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics