Traffic being "blocked" from htts:\\login.live.com

We are running into a problem.  We are currently blocked from https:\\login.live.com. When the system restarts, we can connect and stay connected in the morning... then by afternoon/evening when our traffic increases... it shuts down (gets blocked).... but not all https, just going to this site. If we restart in the afternoon, it gets blocked right away. 

When it's blocked we can still bring up the page http:\\login.live.com, but when loging in... it jumps over to HTTPS and gets blocked.

  • The logging cache is not full.
  • Running the Traffic Simulator.... it shows Unrestricted internet access. 
  • It does not show (that I can find) Blocked Web policy violations

Is it going into lockdown mode? How do I determine that this is it? and how to tell what is causing it?

Or any clues to diagnose or fix?

Any help would be greatly appreciated.

November 19th, 2013 6:04pm

hi,

Thanks for your post here.

Firstly you need to confirm if this issue is related to the website itself. You can try to access it outside your company.

Please try to check your TMG live logging to see if there is any error information:

http://www.isaserver.org/articles-tutorials/configuration-general/Microsoft-Forefront-TMG-Logging-options-Forefront-TMG.html

if you cannot find any error information, i think you need to capture the packets to see what happened:

http://www.microsoft.com/en-us/download/details.aspx?id=4865

Best Regards

Quan Gu

Free Windows Admin Tool Kit Click here and download it now
November 20th, 2013 1:36am

Thank you for your response.

We have a second network and TMG Server.  This is how I'm able to log-in here (this site uses login.live.com (Microsoft)).

This morning everything was back up and working... I was taking readings.  This afternoon (over lunch) it went back down. I am currently looking through the logs during this time and will let you know.

I've found:

Denied Connection  - A non-SYN packet was dropped becuase it was sent by a source that does not have an established connection with the Forefront TMG computer.

I thinks I've got to capture the packets.

Thank you for your help.

G

November 20th, 2013 2:55pm

Hi,

I need to know your environment.

Do you have two or more TMG servers?

When you capture the packets, please feel free to contact me.

Best Regards

Quan Gu 

Free Windows Admin Tool Kit Click here and download it now
November 21st, 2013 12:26am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics