Firewall/Proxy Server Issue

Similar Messages

• How to activate and utilize the Creative Cloud with a proxy server.

  Anyone know how to get the cloud activated from behind a firewall / proxy server?

  My Adobe Application Manager connects, updates and downloads all applications.
  However, when I open an application, it does not detect a connection to the internet and states that an "Internet connection is required for subscriptions."
  So what is it that I have to do to get this to work?  Many people are having this issue, do a google search on this and you will not find a solution.  We need one from Adobe.
  Thanks!

• Proxy Problem The proxy server is refusing connections

  I run Windows XP. I did have a Cybot backdoor Activity attack intercepted by Norton Internet Security and I used the Norton NPE to remove it from the computer. I do not know if this caused the proxy problem or not.
  There is no proxy problem connecting to the internet through Internet Explorer just through Mozilla Firefox.
  When Mozilla Firefox tries to connect to the internet I get the following message:
  Firefox is configured to use a proxy server that is refusing connections.
  Check the proxy settings to make sure that they are correct.
  Contact your network administrator to make sure the proxy server is
  working.
  In Mozilla I click Tools, options, advanced, network, settings. Under settings Proxy is set on manual, it says that there is no proxy for the figures typed in.
  So I click auto detect proxy and I then can connect to internet through Mozilla, however when I log out of the internet, the same proxy server issue is recreated.
  What should the Proxy setting be?

  You can find the connection settings in Tools > Options > Advanced : Network : Connection
  If you do not need to use a proxy to connect to internet then select "No Proxy"
  See "Firefox connection settings":
  * https://support.mozilla.com/kb/Firefox+cannot+load+websites+but+other+programs+can
  Start Firefox in <u>[[Safe Mode]]</u> to check if one of the extensions is causing the problem (switch to the DEFAULT theme: Firefox (Tools) > Add-ons > Appearance/Themes).
  *Don't make any changes on the Safe mode start window.
  *https://support.mozilla.com/kb/Safe+Mode
  *https://support.mozilla.com/kb/Troubleshooting+extensions+and+themes
  See also:
  *http://kb.mozillazine.org/Preferences_not_saved

• Microsoft outlook 2010 not working after installing proxy server and ForeFront TMG firewall

  I am trying to have Outlook 2010 work though proxy server recently installed on internal network, I have configured IE to use the proxy settings, but I cannot find the
  same with Outlook 2010, I want to clarify that we use Outlook 2010 to connect to internet email and we installed ForeFront TMG firewall on the proxy server and as a result of that we changed the IP settings and after that Outlook stopped sending and receiving
  mails and gives error: “receiving reported error (0x800408fc): 'The Server name you entered cannot be found (it might be down temporarily).”
  So please help us by sharing how to fix this issue to make Outlook work though proxy server
  Thanks

  Hi,
  Are you using Exchange account? If you are changing your Exchange account to use a proxy server, I suggest we can create new profile and automatically re-configuring your account with autodiscover service to have a try:
  http://support.microsoft.com/kb/829918
  If the account can’t be configured automatically, please manually configure the account and change the settings for procy server:
  1. In the Account Settings dialog box, click the
  Email tab, click to select the Exchange account, and then click
  Change.
  2. Click More Settings. On the Connections tab, click
  Exchange Proxy Settings.
  3. In Connection settings, type the proxy server FQDN under Use this URL to connect to my proxy server for Exchange, click OK to have a try, and then click
  OK to save all settings.
  4. Restart Outlook.
  Regards,
  Winnie Liang
  TechNet Community Support

• I just bought a ipod touch. I am unable to use it because itunes tells me I have no internet connection (unknown error 306). I have tried all the suggestions I can find, including checking the firewall, the no proxy server is checked, resetting cache on i

  I just bought a ipod touch. I am unable to use it because itunes tells me I have no internet connection (unknown error 306). I have tried all the suggestions I can find, including checking the firewall, the no proxy server is checked, resetting cache on itunes, I even scanned the computer with Registry Easy but nothing worked.  I use Mozilla Firefox and have a PC with Windows 7. Obviously, buying a ipod and being unable to use it for 3 days (and counting) because I am unable to register it, is pretty frustrating. Can anyone help?

  Did you try all of this:
  iTunes Store loads partially or returns "Error 306" or "Error 10054"
  Proxies, parental control settings and software, security or filtering software, or a bad iTunes Store cache can cause this.
  To address proxies, Remove Internet Options proxy settings and connect to the Internet without a proxy.
  To reset iTunes Store cache:
  In iTunes, choose iTunes > Preferences (Mac) or Edit > Preferences (PC).
  Click the Advanced tab.
  Click the "Reset cache" button.
  Click OK and see if the issue is resolved.
  Adjust Parental Controls in iTunes:
  Open iTunes.
  Access iTunes preferences:
  On a Mac: From the iTunes menu, choose Preferences.
  On a Windows PC: From the Edit menu, choose Preferences.
  Click the Parental Controls tab.
  Remove restrictions on Parental Controls.
  For more information on parental controls or content filtering software, see iTunes 10.5 for Windows: May see performance issues and blank iTunes Store.
  For more information on other security software, see iTunes: Troubleshooting security software issues.

• Squid proxy server (redhat) latency issues?

  I need to deploy a proxy server on a network servicing about 200 machines.
  If I virtualize redhat Linux to use squid, will the latency be too much?  Bear in mind that the underlying OS and hardware (server 2008 on RAID-5 and 2GB of RAM) must also act as a WDS server.  If it weren't for the necessity of WDS I would make
  the whole machine a RHL box.
  My boss thinks that there will be too much latency... I on the other hand don't have the experience to know or the time to build a prototype for testing it. 

  I would doubt that the latency will be an issue.  Almost every kind of workload is being virtualized these days. Hypervisors in general, and Hyper-V in particular, offer synthetic devices such as NICs and storage controllers along with custom device
  devices for those synthetic devices specifically so that performance and latency can get pretty close to what you would have with physical devices.  Virtual appliances for various network functions such as proxies, firewall, and load balancers, have been
  created specifically to run in virtual environments, and they are achieving the necessary performance and latency.  I'm sure there might be specific situations that are particularly sensitive to latency and that could be a problem running virtual, but
  all the mainstream scenarios are pretty much OK.
  Michael Kelley, Lead Program Manager, Open Source Technology Center

• Outlook 2011 Connection Issue with Proxy Server after 10.8 Upgrade

  Hello,
  After upgrading my MBA to 10.8, my MS Outlook (Outlook Mac 2011) mail connection does not work for an exchange based mail account where a VPN/proxy server combination is involved. This was not an issue at all under 10.7. What's interesting is that it's not an issue with MS Outlook 2010 on my Parallels VM either under 10.8. There are no internet connectivity issues, I am able to connect to the internet using Safari and other browsers. Any help would be appreciated.
  Thanks,
  Manish

  I was having a similar problem using Outlook 2011 running under Mountain Lion (10.8.2) on an MacBook Pro. When at work, behind our proxy server, I could not get Outlook to connect to a client's public Exchange server, but this worked fine without changing any settings when I was connected to our DMZ network or at home (no proxy server in these cases). My MacBook was configured to use "Auto Proxy Configuration", and Safari worked fine in all three locations (as did Apple mail)
  Today, the Microsoft Office auto-updater downloaded an update, and since it was installed, the problem has been fixed and I've been able to connect to our client's external Exchange server event when behind our local proxy server (Outlook now reports that the latest installed update is 14.2.5)
  Steve

• Issue with Sun Java Web Proxy Server

  I am using Sun Java Web Proxy Server to test my webservice in https mode.(SSL mode).When i test the webservice in http mode,its working fine,but when I test it in SSL mode ,it is giving the following error:
  Unable to tunnel through localhost:8082. Proxy returns "HTTP/1.1 403 Proxy denies fulfilling the request"
  When I am requesting the webservice using the following parameters:
  a)-Dcom.yodlee.soap.services.url=https://localhost:1080/yodsoap/services
  b)-Dyodlee.sdk.https.proxyHost=localhost
  c)-Dyodlee.sdk.https.proxyPort=8082
  d)-Dcom.yodlee.soap.client.http11Enabled=1
  this parameters is used to set the client http connection to HTTP1.1 by setting the HTTP_TRANSPORT_VERSION.
  Detailed error message is as follows:
  Caused by: java.io.IOException: Unable to tunnel through localhost:8082. Proxy returns "HTTP/1.1 403 Proxy denies fulfilling the request"
       at org.apache.axis.AxisFault.makeFault(AxisFault.java:129)
       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:131)
       at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
       at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
       at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
       at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
       at org.apache.axis.client.Call.invokeEngine(Call.java:2492)
       at org.apache.axis.client.Call.invoke(Call.java:2481)
       at org.apache.axis.client.Call.invoke(Call.java:2176)
       at org.apache.axis.client.Call.invoke(Call.java:2099)
       at org.apache.axis.client.Call.invoke(Call.java:1622)
       at com.yodlee.soap.core.login.CobrandLoginSoapBindingStub.loginCobrand(CobrandLoginSoapBindingStub.java:225)
       at com.yodlee.soap.core.login.CobrandLoginSoapClientProxy.loginCobrand(CobrandLoginSoapClientProxy.java:119)
       ... 1 more
  Caused by: java.io.IOException: Unable to tunnel through localhost:8082. Proxy returns "HTTP/1.1 403 Proxy denies fulfilling the request"
       at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:197)
       at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
       ... 12 more
  This error message shows that its not able to get the socket connection to the server.Can anyone tell me the reason of it.
  If you need any more info do let me know.
  Regards,
  Somendra

  First of all, is there a reason why you are using jRockit?
  Since the issue appeared after upgrading the windows, the issue would potentially be in the interaction between JVM and OS.
  Also, there were some issues related to memory leak that were fixed in AS 8.2.
  May be you should try with a Sun JVM and AS 8.2.

• Issue with binary attribute types through Directory Proxy Server 6.3.1

  I'm having problems with DPS 6.3.1.1 on Solaris 10 with binary attribute types. From most LDAP servers, requesting an attribute such as userCertificate would return userCertificate;binary without any issues. However, DPS seems to consider these two separate attributes. In order to see userCertificate;binary, I have to ask for it in that exact format. This obviously is causing trouble for many clients as they shouldn't care about the binary type as it's the same attribute.
  I've tried to correct this with a virtual data transformation (dpconf add-virtual-transformation 'PKI Tree' read add-attr-value userCertificate \${userCertificate\;binary}) but the end results are the same. Any ideas on how I can correct this one?
  Thanks in advance.

  Here is some complementary information:
  system (uname -a):
  SunOS xxx 5.10 Generic_142900-13 sun4u sparc SUNW,Sun-Fire-V440
  since patch 118666-26: update java 1.5.0 update 24
  we are experiencing the follwing problem:
  xxx$ ./dpadm start /opt/ldap/instances/mail/
  The Directory Proxy Server instance '/opt/ldap/instances/mail' failed to start after the waiting period.
  The Directory Proxy Server instance start has produced the following error output:
  Exception in thread "main" java.lang.NoSuchFieldError: strm
  at java.util.zip.Inflater.initIDs(Native Method)
  at java.util.zip.Inflater.<clinit>(Inflater.java:60)
  at java.util.zip.ZipFile.getInflater(ZipFile.java:375)
  at java.util.zip.ZipFile.getInputStream(ZipFile.java:320)
  at java.util.zip.ZipFile.getInputStream(ZipFile.java:286)
  at java.util.jar.JarFile.hasClassPathAttribute(JarFile.java:469)
  at java.util.jar.JavaUtilJarAccessImpl.jarFileHasClassPathAttribute(JavaUtilJarAccessImpl.java:21)
  at sun.misc.URLClassPath$JarLoader.getClassPath(URLClassPath.java:809)
  at sun.misc.URLClassPath.getLoader(URLClassPath.java:293)
  at sun.misc.URLClassPath.getResource(URLClassPath.java:160)
  at java.net.URLClassLoader$1.run(URLClassLoader.java:192)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:300)
  at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:268)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:252)
  at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320)
  The Directory Proxy Server instance '/opt/ldap/instances/mail' is not running.
  We have tried to install patch 118666-27 (not recommended, but already available) which includes jdk 1.5.0 update 25 -> same problem
  When returning to jdk 1.5.0 update 20 the directory proxy server starts as normal

• Running windows 7 firefox refuses to come up, proxy server is refusing connections network adminiastrater says proxy servers are correct and is issue with firefox what do I do/ do

  I start up firefox and it says the proxy server is refusing connection. It is configured to use a proxy server that is refusing connections. To check the proxy servers and ask network administrater to make sure proxy server is correct They say the proxy server is correct and it is a firefox problem. So what to I do now?

  Make sure that the Firefox connection settings are the same as in IE.
  You can find the connection settings in "Tools > Options > Advanced : Network : Connection"
  If you do not need to use a proxy to connect to internet then select No Proxy
  In Firefox 3.6.4 and later the default connection settings have been changed to "Use the system proxy settings".
  You can compare them with the IE settings in the Internet Options (Control Panel).
  Control Panel > Internet Options > Connections: LAN Settings

• Issue with using Sun Java Proxy Server

  We are trying to access the WebService using the Sun Proxy Server.
  When I access the WebService through proxy ,I find the error message in proxy error log as
  [18/Oct/2005:19:10:40] failure ( 1288): for host 127.0.0.1 trying to POST http://localhost:1080/yodsoap/services/CobrandLogin, service-http reports: HTTP7760: error reading request body (Client closed connection)
  and the access log is as follows:
  POST http://localhost:1080/yodsoap/services/CobrandLogin HTTP/1.1" 400 147
  But when i see the WebServer access log for the same WebService POST /yodsoap/services/CobrandLogin HTTP/1.1" 200 1783 "-" "Axis/1.1RC1"
  This case is happening when the request is compressed for the webservice. and the request headers are as follows:
  POST /yodsoap/services/CobrandLogin HTTP/1.1
  Content-Type: text/xml; charset=utf-8
  Accept: application/soap+xml, application/dime, multipart/related, text/*
  User-Agent: Axis/1.1RC1
  Host: 127.0.0.1
  Cache-Control: no-cache
  Pragma: no-cache
  SOAPAction: "loginCobrand"
  Content-Length: 1412
  Connection: close
  Content-Encoding: gzip
  And the response headers are as follows:
  HTTP/1.1 200 OK
  Server: Resin/3.0.8
  Content-Type: text/xml; charset=utf-8
  Transfer-Encoding: chunked
  Date: Tue, 18 Oct 2005 13:41:50 GMT
  So ,we found out that if we dont use the proxy server,then the WebService is working properly,but if we start using the proxy server,we are encountering HTTP400 error.
  Any ideas will help out to solve this problem..???
  Thankz in advance.
  Regards,
  Somendra

  This is what I see in the error message:
  ProxyFactory initialized in SOAP_CLIENT_MODE
  System property : com.yodlee.soap.client.log4j.config not found. Using the default config resource : com.yodlee.util.soap.log4j
  ProxyFactory initialized in SOAP_CLIENT_MODE
  System property : com.yodlee.soap.client.log4j.config not found. Using the default config resource : com.yodlee.util.soap.log4j
  HTTP Header name and value is HTTP/1.1 400 Bad request
  HTTP Header name and value is Server Sun-Java-System-Web-Proxy-Server/4.0
  HTTP Header name and value is Date Tue, 18 Oct 2005 14:56:21 GMT
  HTTP Header name and value is Connection close
  com.yodlee.core.CoreRemoteException: org.xml.sax.SAXException: Bad envelope tag: HTML
       at com.yodlee.soap.core.login.CobrandLoginSoapClientProxy.loginCobrand(CobrandLoginSoapClientProxy.java:132)
       at SoapClient.main(SoapClient.java:45)
  Caused by: org.xml.sax.SAXException: Bad envelope tag: HTML
       at org.apache.axis.AxisFault.makeFault(AxisFault.java:129)
       at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:543)
       at org.apache.axis.Message.getSOAPEnvelope(Message.java:376)
       at org.apache.axis.client.Call.invokeEngine(Call.java:2511)
       at org.apache.axis.client.Call.invoke(Call.java:2481)
       at org.apache.axis.client.Call.invoke(Call.java:2176)
       at org.apache.axis.client.Call.invoke(Call.java:2099)
       at org.apache.axis.client.Call.invoke(Call.java:1622)
       at com.yodlee.soap.core.login.CobrandLoginSoapBindingStub.loginCobrand(CobrandLoginSoapBindingStub.java:225)
       at com.yodlee.soap.core.login.CobrandLoginSoapClientProxy.loginCobrand(CobrandLoginSoapClientProxy.java:119)
       ... 1 more
  Caused by: org.xml.sax.SAXException: Bad envelope tag: HTML
       at org.apache.axis.message.EnvelopeBuilder.startElement(EnvelopeBuilder.java:107)
       at org.apache.axis.encoding.DeserializationContextImpl.startElement(DeserializationContextImpl.java:934)
       at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1635)
       at org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:634)
       at org.apache.crimson.parser.Parser2.parse(Parser2.java:333)
       at org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:448)
       at javax.xml.parsers.SAXParser.parse(SAXParser.java:345)
       at org.apache.axis.encoding.DeserializationContextImpl.parse(DeserializationContextImpl.java:230)
       at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:538)
       ... 9 more

• Successfully Installing & Activating CS6 (not Creative Cloud) behind an Authentication Proxy server

  If you are like me and work in a fairly secure office where all Internet access is routed through an authenticate proxy server (you have to use an ID and password to get to the Internet) you might have noticed that installing CS6 products can be difficult.
  The installer told me to go to http://www.adobe.com/go/getactivated for an offline activation.
  It is not practical to "Disable the firewall" or"Disable the proxy" as most of us worker bees have neither the authority or ability to do such a thing.
  So back to that last bit: "Disable the proxy server." Well I could not do that, but I could disable my PC's ability to connect to the proxy and therefore make it seem like I had no Internet whatsoever. And lo and behold all the right prompts appeared and offline activation sailed along smoothly!
  This is a little long, but I wanted to include lots of screen shots so you'll know what to expect.
  Here's how I did it:
  1. Right-click the Internet Explorer Icon on your desktop (or select Tools > Internet Options in IE)
  2. Click Properties.
  3. Select the Connections card.
  4. Click LAN Settings.
  5. Uncheck any boxes (you might want to write down what was in the boxes or grab a screen shot as you'll have to put this back to how you found it later to restore your Internet access). Click OK and OK again. You've now shut off IE's ability to hit your proxy server and therefore the Internet.
  6. Click Install I have a serial number
  7. Accept the license agreement.
  8. Enter your license key.
  9. Click Next. At this point the installer will attempt to validate your license, but since you haven't got Internet access, it will give you an error. This is where the process broke down on me, when the installer could detect the Internet but not navigate my proxy.
  10. But, now beacuse you do not have Internet Access, you'll get this error. Click Connect Later.
  11. Select your customizations (if any) and click Install.
  12. When installation is complete, click Launch Now.
  13. You'll get an error since you don't have Internet, click "Having Trouble Connecting to the internet?"
  14. Click Offline Activation.
  15. Click Generate Request Code.
  16. Go to http://www.adobe.com/go/getactivated, sign in, put in your request code and serial number and generate the response code.*
  17. Enter the response code.
  18. Click Activate.
  19. Click Launch when you get the Offline Activation Complete dialog.
  * if you are installing more than one product, generate the response codes for each at the same time. I ran into an issue where once I created a response code, no other response codes I created for subsequent installs were accepted. I had to wait 24 hours for a newly generated code to work.
  You are done! Enjoy your software!
  Cheers!
  -Greg

  Just want to point out--after many hours of attempting to activate CS6 software (stumping two Adobe techs in the process)--that there is one important bit of information left out of the directions given above (and it's not in the video either):
  These instructions work only if you are starting the installation from scratch.  If you (mistakenly) think that your inability to connect to Adobe's activation server is temporary and go ahead and install the software, you will not be able to get back to the screen to generate a request code (which you need to be able to activate the application).  This is in spite of Adobe's assurance to the contrary that if you don't activate during installation, you can do it later when the application starts.  If you try to activate later, you are taken to an online screen that asks for the "request code"--but you have not been given an opportunity to get that request code.
  The only solution I could find:  I had to uninstall Photoshop CS6, then unplug my internet connection, then reinstall the software, watching carefully for the screen that provides the button to generate a request code.  If Adobe is going to require the activation/validation procedure, then it really needs to make it work and correct the error in the software, namely, the failure to provide for offline activation once the software has been installed.

• ADFS 3.0 - Web Application Proxy configuration Issue

  Hi All,
  We are in the process of implementing ADFS 3.0 published to the internet for o365 Federation purposes.
  The setup consists of the following
  - 2 x windows 2012 R2 running ADFS 3.0 ( only one server presently installed and configured though)
  - 2 x Windows 2012 R2 Running Web Application Proxy (  only one server presently installed and configured though ).
  There is an F5 Big-IP load-balancer for both internal and external interfaces and it has been configured after a lot of issues with the SNI part on the F5.
  So, in short the setup is now a single server hosting ADFS 3.0 using SQL and a single WAP server, however the traffic to these servers are still going through the LB.
  Now the issue is that i cannot complete the installation/configuration of the Web Application Proxy server. There is  a firewall in between our DMZ and the internal network. I can reach the internal services via the following url and telnet on port 443
  to the federation service as well. (ports for 443 and 80) are opened to internal network on the load balancer ip . I can reach https://fs.domain.com/adfs/ls/idpinitiatedsignon.aspx and federationmetadata/2007-06/federationmetadata.xml location as well
  from the Web APplication proxy server without any issues or certificate prompts at all.
  When i do the configuration for WAP, i use the same account which was used as a service account for the ADFS service internally. If i use a local admin account, it errors out with another message stating the connection was closed.
  The certificate on the internal server along with its private key was exported and has been imported on the WAP server . This is not internal CA, instead we are using DIGICERT SSL with SAN Names for enterprise registration and work folders. Hence the CA Chain
  issue is ruled out and also this is not a wild card certificate.
  When the wizard starts configuring, it does establish the trust with the federation service which is shown up in the event viewer with  EventID 391 within 15 seconds i get another event id 422 which states that it cannot retrieve the proxy configuration
  and eventid 276 on the Federation server which states the authentication failure. this continues until the servers stops to try configuring the wizard. 
  I have read all the available threads on the 3.0 WAP installation /configuraiton problem and tried all the steps possible but i am still stuck with this issue.
  There is one more part that i noticed on the ADFS server, that the self signed services for the token-encrypting and token decrypting are self-signed certificates. Also, in the certificates it was showing up as not trusted. and i installed them to the TRUSTED
  ROOT CERTIFICATION STORE after wich i cannot see any private key showing up when viewing the certificate which means i cannot get the MANAGE PRIVATE keys option when right clicking on the cert to assign read permissions for the ADFS service account.
  Should i assign the same SSL sertificate (SAN based for enterpriseregistration & Workfolders) to the token-encrypting and token-decrypting services in ADFS console or should i leave them as self signed ? I did read that self-signed is not recommended for
  production environment ? If not the same certificate what are the requirements for the certificate ?
  I am not sure what I am missing in the configuration that is causing this issue. The WAP servers are not part of the domain and have also ensured the time synchronization between the domain machine as well.
  The service name is fs.domain.com on both the internal and external DNS ( we have domain.com as a zone in DNS internally as well ). I am able to Authenticate inside and from the WAP server when accessing the link.
  Could it be a Load Balancer Configuration ? [i will try eliminating this from the configuration]
  Let me know if there are any options that i can try to resolve this and get the configuration working.
  Cheers,

  Does the load balancer pass the certificate session through to the ADFS server or are you offloading SSL. SSL offload does not work with WAP/ADFS integration (at least at the time of writing it does not).
  Can you try through the load balancer with SSL pass through turned off please.
  Also as ADFS 3.0 (Server 2012 R2) uses Server Name Indication (SNI) then any health checks that run on the load balancer must support this, so if they do not then you need to use TCP 443 checks for a listening port, as doing a standard HTTPS check will fail,
  and if the load balancer fails its checks whilst you are configuring ADFS that might be a reason why it has gone offline for you (error 442 is to do with failure to swap client certificates between WAP and ADFS).
  Finally, check the June update to Server 2012 R2 (http://support.microsoft.com/kb/2964735) as that has fixed some certificate issues with multiple servers for WAP and ADFS when you don't have the
  2012 R2 AD schema in place.
  Brian Reid
  Exchange MVP and Exchange and  Office 365 Certified Master
  www.c7solutions.com
  Brian Reid C7 Solutions Ltd (www.c7solutions.com)

• Unable to use proxy server with MAC OS X Anyconnect client

  Hi All,
  I have a VPN setup thru a Cisco 5520, Windows clients connect just find and the end users configure there browser to use our internal proxy servers.   Users with the MAC OS X Anyconnect client can connect, they configure their Mac to use our proxy server, but the broswers will not work, clients can reach networks and resources behind the VPN gateway and have access to the Proxy(Tried a telnet to that hostname/port).  Anyone run into this issue before?  I am running ASA 8.3(2), Anyconnect(OS X) 3.1.01065.
  Thank You

  We had the same problem.
  We are behind government firewall so I don't know which Cisco firewall is used but we are using AnyConnect to establish VPN from internet to LAN behind firewall. We have no problems with Windows. With Mac OS X connection through proxy didn't work with Safari and Chrome (both are using system Proxy setting), but it did work with Firefox (which has it's own Proxy).
  Finally we found out that ethernet MTU size was the culprit. When we set it to manual, with size being 1347 (or less), proxy started to work.

• DirectAccess Force Tunneling via proxy server (TMG)

  Hello
  I am looking to enable Force Tunneling for DirectAccess.  All web traffic would then go via TMG proxy.  This is all fine, but in the past this was once configured and stopped IMAP from working?  
  The question is, would forced tunneling only send http/https traffic to the proxy by design and all other traffic directly out? Other traffic does traverse the proxy when internal to the LAN but I am sure DA treats this a little different in terms of what
  protocols are forwarded - Is this correct?
  If this is the case then I am assumming the firewall infrastructure is stopping IMAP?
  Thanks

  Hi There - it is a strong recommendation even in Microsoft deployments not to use Force Tunnelling unless you really have to. Using Force Tunnelling will always revert to IP-HTTPS which is still technically the slowest of the transition technologies. This
  means DirectAccess clients use only IP-HTTPS to obtain IPv6 connectivity to the DirectAccess servers over the IPv4 Internet.  IP-HTTPS has much higher overheads than IPv6, 6to4 or Teredo. Also your proxy server will handle every request and consume
  plenty of bandwidth and you cannot put NRPT exemptions in force tunnelling as all traffic has to come through the tunnel. There is also the small issue of captive portals. There are more things to list but the above should be enough to start an argument on
  why not to do it !!
  You could implement a split tunnel with enforced web proxy (seeing as you have TMG) as per the guide / recommendations by Shannon Fritz below (which works well in reality.
  http://www.concurrency.com/infrastructure/web-filtering-for-directaccess-users-55/
  Kr
  John Davies