Troubleshooting integration with Forefront TMG

Applies to:
  • Forcepoint URL Filtering, v8.5.x

SecureNAT clients are not receiving the correct policy

If you are using non-web proxy clients (for example, Firewall Client with proxy server disabled, or SecureNAT clients) with TMG, additional configuration of the ISAPI filter is required. Follow the instructions in Configuring for TMG using non-web-proxy clients.

No policy enforcement occurs after the plug-in is installed

If users requests are not being handled properly after the ISAPI Filter plug-in has been installed on the Forefront TMG machine, the plug-in may not be able to communicate with Filtering Service.

Verify that the ISAPI Filter plug-in is using the correct Filtering Service information.

  1. Go to the Windows system32 directory and open the wsMSP.ini file.
  2. Under [initSection], check the EIMServerIP and EIMServerPort parameters (these are the Filtering Service IP address and port, respectively). For example:

    [initSection]

    EIMServerIP=10.203.136.36

    EIMServerPort=15868

    The default port is 15868.