Tag: Microsoft Forefront Threat Management Gateway

How to Configure Single Sign-On for Outlook Web Access 2007 on NetScaler

Citrix Leave a comment

This article contains information about configuring Single Sign-On (SSO) feature for Outlook Web Access (OWA) 2007 using form-based authentication.

Background

OWA 2007 must send an HTTP Form POST request to a specific address on the back end Client Access Server, to provide the credentials that are authenticated with the Authentication, Authorization, and Accounting (AAA) virtual server. The resource address differs for each product and each version of Exchange Server.

Requirements

You must configure the following virtual servers before you configure the SSO feature on a NetScaler appliance:

  • A Secure Socket Layer (SSL) Offload virtual server

  • A AAA virtual server to authenticate the user

Related:

7021037: How to Update GWAVA 6

Novell Leave a comment
To update GWAVA 6 follow the instructions below:

1. Enter the GWAVA Management Console by typing in the iIP address of the server followed by :49282.

2. Click on System Management – System management – Online Updates

3. Check the Version history to see if any updates are available for your server.

4. Click on Submit Update Request

This will proceed to download the latest version of GWAVA 6 from the GWAVA server.

Note: Proxy servers and firewalls may hinder the online update and will fail in downloading the new version. Be sure to allow port 80 on your firewall and if needs be you may enter in the proxy information within the Proxy Configuration on the server configuration page.

If your server does not have an internet connection, have a look at this article to perform a manual update.


5. When the update is completed you will see a screen that will prompt you to restart GWAVA.

6. Restart GWAVA:

How To Restart GWAVA on Linux

How To Restart GWAVA on Windows

Related:

QRadar not getting logs from TMG

IBM Customer Leave a comment
Hi,

We are using Microsoft Forefront TMG 2010 and IBM QRadar 7.2.8. We install the wincollect in the TMG Server and configured logs to Qradar and allowed QRadar IP with port 514 at TMG Server. We are not receiving logs at QRadar.

Please assist us how can we get the logs at QRadar?

Thank you

Regards,
Shaikh Jamal Uddin

Related:

MarkLeftwich liked sandrajones’s blog entry Security vulnerability on agent used for gateway. in the Application Performance Management blog.

IBM Leave a comment

Related:

KonstandinosSaipas liked sandrajones’s blog entry Security vulnerability on agent used for gateway. in the Application Performance Management blog.

IBM Leave a comment

Related:

Event ID 626 — TS Gateway Server Configuration

PCIS Support Team Leave a comment

Event ID 626 — TS Gateway Server Configuration

Updated: January 5, 2012

Applies To: Windows Server 2008

For remote clients to successfully connect to internal network resources (computers) through a Terminal Services Gateway (TS Gateway) server, the TS Gateway server must be configured correctly. The TS Gateway server must be configured to use an appropriate Secure Sockets Layer (SSL)-compatible X.509 certificate, and authorization policy settings must be configured correctly. Terminal Services connection authorization policies (TS CAPs) specify who can connect to the TS Gateway server. Terminal Services resource authorization policies (TS RAPs) specify the internal network resources that clients can connect to through a TS Gateway server.

Event Details

Product: Windows Operating System
ID: 626
Source: Microsoft-Windows-TerminalServices-Gateway
Version: 6.0
Symbolic Name: AAG_EVENT_LB_TSG_EXCEPTION_DISABLE
Message: The Windows Firewall exception for TS Gateway to allow network traffic comprising of Terminal Services client connections data and RPC-HTTP load balancing data (to be sent between TS Gateway servers when load balancing is used) has been disabled. This exception is automatically disabled when you remove all TS Gateway servers from a TS Gateway server farm.

Resolve

This is a normal condition. No further action is required.

Related Management Information

TS Gateway Server Configuration

Terminal Services

Related:

Event ID 625 — TS Gateway Server Configuration

PCIS Support Team Leave a comment

Event ID 625 — TS Gateway Server Configuration

Updated: January 5, 2012

Applies To: Windows Server 2008

For remote clients to successfully connect to internal network resources (computers) through a Terminal Services Gateway (TS Gateway) server, the TS Gateway server must be configured correctly. The TS Gateway server must be configured to use an appropriate Secure Sockets Layer (SSL)-compatible X.509 certificate, and authorization policy settings must be configured correctly. Terminal Services connection authorization policies (TS CAPs) specify who can connect to the TS Gateway server. Terminal Services resource authorization policies (TS RAPs) specify the internal network resources that clients can connect to through a TS Gateway server.

Event Details

Product: Windows Operating System
ID: 625
Source: Microsoft-Windows-TerminalServices-Gateway
Version: 6.0
Symbolic Name: AAG_EVENT_LB_TSG_EXCEPTION_ENABLE
Message: A Windows Firewall exception for TS Gateway has been configured to allow data for Terminal Services client connections and RPC-HTTP load balancing to be sent between TS Gateway servers when load balancing is used. This exception is automatically configured when you add the first TS Gateway server to a TS Gateway server farm.

Resolve

This is a normal condition. No further action is required.

Related Management Information

TS Gateway Server Configuration

Terminal Services

Related:

%1 failed to start. The failure occurred during %5 because the configuration property %4 of key %3 is not valid. Use the source location %6 to report the failure. The error code in the Data area of the event properties indicates the cause of the failure. For more information about this event, see ISA Server Help. The error description is: %2.

PCIS Support Team Leave a comment
Details
Product: Internet Security and Acceleration Server
Event ID: 11002
Source: Microsoft Firewall
Version: 3.0
Message:

%1 failed to start. The failure occurred during %5 because the configuration property %4 of key %3 is not valid. Use the source location %6 to report the failure. The error code in the Data area of the event properties indicates the cause of the failure. For more information about this event, see ISA Server Help. The error description is: %2.
   
Explanation

Service failed to start because the data in the storage is corrupt, due to incorrect configuration of either the registry or Active Directory.
   
User Action

If a backup exists, in ISA Management click Servers and Arrays, then right-click Name, and choose Restore. This will restore the configuration, except for server-specific configuration information, such as cache content. If this does not solve the problem, uninstall ISA Server from the Control Panel. You will lose all the configuration parameters and will have to reinstall. Reinstalling a new copy of ISA Server without uninstalling the previous copy will not solve the problem.

Related:

The action to summarize all period summaries from the array, into report “%1” failed. The error description is: %2. Use the source location %3 to report the failure.

PCIS Support Team Leave a comment
Details
Product: Internet Security and Acceleration Server
Event ID: 21022
Source: SOCKS Filter
Version: 4.0.3443.594
Component: ISA Server Services
Message: The action to summarize all period summaries from the array, into report “%1” failed. The error description is: %2. Use the source location %3 to report the failure.
   
Explanation
This failure may occur for one of the following reasons:
The log summary configuration is invalid.The log summaries can not be accessed.The merged log summary cannot be created.
   
User Action
Review other alerts to determine the cause of the problem.
Check the validity of the log summary configuration.
Check that there is enough disk space on the ISA Server computer generating the report.

Related:

ISA Server failed to reduce the size of %1 cache file.

PCIS Support Team Leave a comment
Details
Product: Internet Security and Acceleration Server
Event ID: 14196
Source: Microsoft ISA Server Control
Version: 4.0.3443.594
Component: ISA Server Services
Message: ISA Server failed to reduce the size of %1 cache file.
   
Explanation
The event may be caused by a disk I/O failure, insufficient memory, or an internal error.
   
User Action
Identify the reason for the cache failure by examining previous recorded events, and by looking at the error code. Check that the disk is connected and that it is not corrupt.

Related: