Tuesday, June 14th, 2011
I was working with a client on an Exchange 2003 to Exchange 2010 migration and had some issues getting Outlook Anywhere to work. I did some digging and resolved the issue as being something stupid I had done with the TMG 2010 rules. However, along the way I found this particular error occurring at times, and for a short while it led me on a wild goose chase.
Eventually, through the power of Google, I found this article here, which explained it all to me. Long story short – it’s by design, but the author of the article did even more digging that explains exactly why it’s by design.
Friday, December 10th, 2010
Today I had to create a rule in ISA/TMG for a client to allow any computer to get out to the Windows Activation Servers without the user being given access to other websites. It was pretty simple but I thought I’d share with you all.
Basically, all the rule has to do is allow the HTTP and HTTPS protocols out from All Protected Networks to 22.214.171.124 (this is a referrer server that MS uses to direct the client to another country/locality-based activation server), and you create both a Domain Name Set and a URL Set for *.microsoft.com. I could have been more precise than *.microsoft.com, but that might then break things in future if the activation servers change based on the referral server.
The rule looks like this.
Build the rule, apply it, wait a few minutes for TMG’s configuration to sync with the TMG Configuration Database, and you should be good.