How to Fix Web Application Proxy and AD FS Certificate Issues (Error Code 0x8007520C)

Posted February 21, 2015

I recently moved my lab environment from one storage to another, and after moving the files and re-configuring the Hyper-V VMs, I received the following error from my Web Application Proxy (WAP): The operation stopped due to an unknown general error. Error code 0x8007520c For some reason I was unable

Read More
Fastvue TMG Reporter 3.0 Beta Now Available

Posted February 12, 2015

I’m excited to announce that Fastvue TMG Reporter 3.0 Beta is now available to test out! New Features in Fastvue TMG Reporter 3.0 Fastvue Site Clean. Private Report Sharing (including Scheduled Private Reports). Activity Report Gantt Bars Active Directory Security Group Filtering Filter by Firewall Server Name or Firewall Server

Read More
Updated Exchange 2013 Forms Based Authentication Templates for TMG

Posted October 7, 2014


It’s been a year since I created the Exchange 2013 Forms based authentication templates for Forefront TMG. When they were released, only the main login and logout forms were reworked in the Exchange 2013 style, and I received many requests to extend this to other forms, such as the Change Password

Read More
Understanding Hyper-V Dynamic Memory (Dynamic RAM)

Posted August 28, 2014


Running resource intensive applications on a virtual machine is a great way to ensure they do not consume more compute resource than is necessary, and the same physical machine can be used to run multiple discrete workloads. A great example of this is generating reports in TMG Reporter, Sophos Reporter or WebSpy Vantage. The reporting

Read More
Forefront TMG HTTPS Inspection Issues with SHA256 / CNG Certificates

Posted May 6, 2014

I’d like to share an important issue I discovered recently that many Forefront TMG administrators may be experiencing. The problem affects accessing popular HTTPS websites when the Forefront TMG HTTPS Inspection feature is enabled. As you may know, many public websites were affected by the recent Heartbleed vulnerability. Fortunately, Heartbleed  had

Read More
How to Enable and Disable SSL / TLS Versions on Forefront TMG

Posted May 5, 2014

In my previous article What everyone should know about HTTPS, SSL, TLS and Certificates, I covered the basics of cryptography protocols and I touched lightly on the point that SSL and TLS are generally interchangeable terms referring to the same thing. In this article I will go a little deeper into

Read More
How To Extend Forefront TMG’s Web Protection Services (WPS) After November 30 2012

Posted February 9, 2014

As you probably know, Microsoft stopped selling Forefront TMG as well as its subscription based Web Protection Services in December 2011. Although you can still purchase Forefront TMG through the OEM loophole, there is no way to purchase a new subscription of Web Protection Services. This means that Forefront TMG

Read More
The Ins and Outs of Bi-directional Firewall Rules

Posted November 14, 2013

When I look at firewalls rule sets maintained by other companies, I often notice the same common mistakes. The one is see most often is potentially the worst. I can speculate on a number of reasons how these rules actually get defined and implemented, but it all comes down to

Read More
Forefront TMG Forms Based Authentication Template for Exchange 2013 OWA

Posted October 16, 2013


We’ve created a new mobile friendly Forefront TMG Forms Based Authentication template in the new Exchange 2013 style. Download it here!

Read More
How To Solve “13 The Data Is Invalid” Error in Forefront TMG

Posted October 7, 2013

Last week we had a problem with one of our customers that was trying to access a new web site recently built and hosted at their cloud provider. When running a query in Forefront TMG Logs and Reports view, I found the error below: Failed Connection  Attempt Log type: Web 

Read More