Forefront
United States (English) Sign in
Home Unified Access Gateway Forefront Identity Manager Previous Versions Library Forums
This topic has not yet been rated - Rate this topic

URL filtering troubleshooting flow

Published: November 15, 2009

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

This topic is designed to help you troubleshoot and resolve URL filtering issues.

Issues include:

  • Incorrect or unknown site categorization.

  • Failure to prevent access to blocked sites.

  • Inconsistent access based on IP address.

The following sections provide:

To troubleshoot URL filtering issues, you must be familiar with the following Forefront TMG procedures:

This flowchart guides you through the steps required for troubleshooting URL filtering.

URL filtering troubleshooting flow

The following procedures describe steps you might need to take when you use the flowchart to troubleshoot URL filtering:

How to query the Forefront TMG logs for MRS servers

  1. Obtain the IP addresses of the Microsoft Reputation Services (MRS) servers. At the command prompt of the Forefront TMG server, type:

    for %i in (ds ts) do nslookup 10.%i.mrs.microsoft.com 

    This is an example of valid results:

    Obtaining IP addresses of MRS servers

  2. Query Forefront TMG logs for the MRS servers by using the Web Proxy Logging filter and the Firewall Logging filter.

    noteNote:
    Log query filters use "and" by default; searching for multiple IP addresses in a single query will produce no results.

    This table lists the parameters you must select or enter when you query the logs using the Web Proxy Logging filter.

     

    Filter by Condition Value

    URL

    Contains

    mrs.microsoft.com

    Log Time

    Last 24 Hours

    Live (if observed while reproducing the issue)

    NA

    Action

    Not Equal

    Connection Status

    This table lists the parameters you must select or enter when you query the logs using the Firewall Logging filter.

     

    Filter by Condition Value

    Destination IP

    Equals

    IPv4 IP address obtained during name resolution troubleshooting

    Log Time

    Last 24 Hours

    Live (if observed while reproducing the issue)

    NA

    Action

    Not Equal

    Connection Status

How to obtain or renew a WSS license

URL filtering is subscription based, and is part of the Forefront TMG Web Security Service license. For licensing information, see How to Buy (http://go.microsoft.com/fwlink/?LinkId=179848).

Did you find this helpful?
(1500 characters remaining)
© 2013 Microsoft. All rights reserved.