Configuring logging to a remote SQL server

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

The following procedure describes how to save log information to a remote SQL Server database.

Note

When logging to a remote SQL Server database, you cannot use the predefined reports in Forefront TMG. The predefined reports are available only when Forefront TMG saves log information to the local SQL Server Express 2008 database. When logging to a remote SQL Server database, you can create customer reports using SQL Server Reporting Services on the SQL Server.

To configure logging to a remote SQL server

  1. In the Forefront TMG Management console, in the tree, click the Logs & Reports node.

  2. In the details pane, click the Logging tab.

  3. On the Tasks tab, select the appropriate task:

    • Select Configure Firewall Logging, to specify that the Firewall log should be written to a remote SQL Server database.

    • Select Configure Web Proxy Logging, to specify that the Web Proxy log should be written to a remote SQL Server database.

  4. On the Log tab, click SQL Database.Then click Options.

  5. In Database Connection Parameters, specify the SQL Server database details:

    • In Server, type the name of the computer running SQL Server to which the information will be logged.

    • In Port, type the port number to use. The default port of the computer running SQL Server is 1433.

    • In Database, type the name of the database on the computer running SQL Server.

    • In Table, specify a table name. Forefront TMG provides two SQL scripts used to create the tables for recording the log data. For more information, see Setting up SQL Server for logging.

    • Click Force data encryption to specify that a secure connection should be used between Forefront TMG and the SQL Server computer. This setting is enabled by default to help secure log file information. To use this setting, you must have a server certificate configured on the SQL Server computer and a root certificate for the CA that issued the server certificate on the Forefront TMG server. For more information, see Encrypting connections to SQL Server, at Microsoft TechNet.

  6. In Authentication Details, select an option for database authentication:

    • Select Use Windows authentication to authenticate to the SQL Server using the computer account.

    • Select Use SQL server authentication to authenticate against SQL Server using a SQL Server account. In User and Password, type the credentials to be used. Ensure that the account has permissions to authenticate to the SQL Server computer.

  7. Click Test to verify connectivity to the SQL Server computer.

Concepts

Configuring Forefront TMG logs