Forefront TMG disconnected a non-TCP connection

Hi,
I am getting the following error alerts in TMG:
Forefront TMG disconnected a non-TCP connection from 192.168.0.1 because the connection limit for this IP address was exceeded. Larger custom connection limits should be configured for the IP addresses of chained proxy servers and back-to-back Forefront TMG computers with a NAT relationship.
This error shows two msgs for both my DNS servers.
My DNS servers' IP addresses:
192.168.0.1
192.168.0.2
Please help me out
Thanks

Hi,
How about editing the Maximum non TCP sessions per second per rule setting?
For more information:
http://technet.microsoft.com/en-us/library/dd441028.aspx
Best Regards,
Joyce

Similar Messages

  • Forefront TMG detected a possible SYN attack and will protect the network accordingly

    Hi, sometimes the internet does not work here for users going through TMG 2010, but the local host internet is working. Then I have to restart the Microsoft Forefront TMG Control with its related services, and then users can access the internet through TMG again.
    I checked the Event Viewer on the server. It shows the error log below.
    Forefront TMG detected a possible SYN attack and will protect the network accordingly
    What should I do about this?
    Regards, COMDINI

    Hello,
    An offending host attempts to flood Forefront TMG with half-open TCP connections by sending numerous TCP SYN messages to a Forefront TMG server and not completing the TCP handshake, leaving the TCP connections half-open.
    Please enable logging to identify this host and then check if it is infected by viruses or malware programs.
    Please see the value of the number of Maximum half-open TCP connections in Flood Mitigation settings for more information.
    Once your problem is solved, you have to see "Forefront TMG is no longer experiencing a SYN attack." message.
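One way to act on the logging advice in the reply above, as an added example that is not part of the original thread: it tracks TCP handshakes per client and reports the peak number of simultaneously half-open connections for each source. The record format, the addresses, the 30-second expiry and the limit of 20 are constructed assumptions, not TMG's log format or its default settings.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def parse(line):
    """Split one record into (time, client IP, connection key, flag)."""
    stamp, client, server, flag = line.split()
    client_ip = client.rsplit(":", 1)[0]
    return datetime.fromisoformat(stamp), client_ip, (client, server), flag


def constructed_sample():
    """Build constructed records (not real TMG log output).

    Each record: ISO time, client ip:port, server ip:port, TCP flag sent by the client.
    """
    start = datetime(2024, 1, 1, 10, 0, 0)
    server = "192.0.2.10:443"
    lines = []
    # A normal client: every SYN is followed by the ACK that completes the handshake.
    for i in range(3):
        syn = start + timedelta(seconds=i)
        ack = syn + timedelta(milliseconds=40)
        lines.append(f"{syn.isoformat()} 10.0.0.20:{50000 + i} {server} SYN")
        lines.append(f"{ack.isoformat()} 10.0.0.20:{50000 + i} {server} ACK")
    # A flooding host: 50 SYNs in one second, none of them ever completed.
    for i in range(50):
        syn = start + timedelta(milliseconds=20 * i)
        lines.append(f"{syn.isoformat()} 10.0.0.66:{40000 + i} {server} SYN")
    return sorted(lines, key=lambda line: parse(line)[0])


def peak_half_open(lines, timeout_s=30):
    """Return {client IP: peak number of simultaneously half-open connections}.

    A connection is half-open from its SYN until the client's ACK or RST,
    or until timeout_s seconds pass (assumed expiry, as a firewall would apply).
    """
    pending = defaultdict(dict)  # client IP -> {connection key: time of SYN}
    peak = defaultdict(int)
    timeout = timedelta(seconds=timeout_s)
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        when, client_ip, conn, flag = parse(line)
        conns = pending[client_ip]
        # Drop handshakes that were abandoned long enough ago to have expired.
        for key in [k for k, seen in conns.items() if when - seen > timeout]:
            del conns[key]
        if flag == "SYN":
            conns[conn] = when
            peak[client_ip] = max(peak[client_ip], len(conns))
        elif flag in ("ACK", "RST"):
            conns.pop(conn, None)  # handshake completed or reset
    return dict(peak)


def offenders(lines, limit, timeout_s=30):
    """Return sorted (client IP, peak) pairs whose peak exceeds the limit."""
    peaks = peak_half_open(lines, timeout_s)
    return sorted((ip, n) for ip, n in peaks.items() if n > limit)


if __name__ == "__main__":
    for ip, n in offenders(constructed_sample(), limit=20):
        print(f"{ip}: {n} half-open connections at peak")
```
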

  • Some RST are seen during TCP disconnection when using SSL connection

    The disconnection sequence for a secure connection is expected to be as follows:
    client ************************* server
    --- alert (warning, close notify) --->
    <--- alert (warning, close notify) ---
    in any order;
    and then:-
    --------------- FIN, ACK ------------>
    <----------- FIN, ACK ---------------
    ------------------ ACK ----------------->
    Instead of the sequence described above, the TCP connection for a secure connection is closed with an RST.
    For instance, Wireshark capture shows that an SSL+SASL TCP connection is closed in the following manner:
    client ************************** server
    --- alert (warning, close notify) ---->
    ---------------- FIN, ACK ------------>
    <--- alert (warning, close notify) ---
    <----------- FIN, ACK ---------------------
    ------------ RST -----------------> *(This RST message should be investigated, an ACK message was expected)*
    Server: OpenLDAP: slapd 2.4.23
    Client: (java version "1.6.0_16")
    import javax.naming.*;
    import javax.naming.directory.*;
    import javax.naming.ldap.InitialLdapContext;
    import java.util.Hashtable;
    import javax.naming.ldap.StartTlsRequest;
    import javax.naming.ldap.StartTlsResponse;

    class Client {
        private static final String DEFAULT_INITIAL_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";

        public static void main(String[] args) {
            // SSL
            try {
                // Key store and trust store used for the SSL handshake
                System.setProperty("javax.net.ssl.keyStore", "c:\\keystore");
                System.setProperty("javax.net.ssl.keyStorePassword", "adminadmin");
                System.setProperty("javax.net.ssl.trustStore", "c:\\keystore");
                System.setProperty("javax.net.ssl.trustStorePassword", "adminadmin");
                // Set up environment for creating initial context
                Hashtable<String, Object> env = new Hashtable<String, Object>(11);
                env.put(Context.INITIAL_CONTEXT_FACTORY, DEFAULT_INITIAL_CONTEXT_FACTORY);
                // Must use the name of the server that is found in its certificate
                env.put(Context.PROVIDER_URL, "ldap://1.2.4.4:16415");
                env.put(Context.SECURITY_AUTHENTICATION, "simple");
                env.put(Context.SECURITY_PRINCIPAL, "cn=manager,dc=operator,dc=com");
                env.put(Context.SECURITY_CREDENTIALS, "password");
                env.put(Context.SECURITY_PROTOCOL, "ssl");
                // Create initial context
                InitialLdapContext ctx = new InitialLdapContext(env, null);
                // Close the context when we're done
                ctx.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }
    Is it a bug? Can I expect to have a patch for this issue?
    Regards,
    Olivier
    Edited by: 975464 on 6-Dec-2012 11:21 AM

    I agree it should be an ACK not an RST but it doesn't really matter. The connection is closed, and as neither the client nor the server has any pending data it is benign. Worth investigating in a later JRE.

  • ForeFront TMG ISP Redundancy - Lost of internet connectivity

    I set up ISP redundancy on Forefront TMG that has my Exchange 2010 server published through it. If both external NICs are enabled, I lose internet connectivity. If either NIC is enabled, and the other disabled, I get internet connectivity. Any ideas?

    Hi,
    Based on my knowledge, it may be caused by path mismatch.
    Simply put, the DNS request goes in through ISP1 and the DNS reply goes out through ISP2.
    However, we still need you to verify this. You can capture the packets on remote users to see if the destination IP in the DNS request and the source IP in the DNS reply are the same.
    Please also check the TMG live logging to see if there is any error information.
    Best Regards
    Quan Gu
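The capture check suggested in the reply above, as an added example that is not part of the original thread: it pairs each DNS reply with its query by client endpoint and transaction ID, then reports replies whose source IP differs from the IP that was queried. The capture summary format and all addresses are constructed assumptions.

```python
# Constructed capture summary (not real traffic): time, source ip:port,
# destination ip:port, DNS transaction ID, message kind.
SAMPLE_CAPTURE = """\
10:00:00.000 198.51.100.7:53124 203.0.113.10:53 0x1a2b query
10:00:00.031 203.0.113.10:53 198.51.100.7:53124 0x1a2b reply
10:00:05.000 198.51.100.7:53125 203.0.113.10:53 0x1a2c query
10:00:05.044 192.0.2.10:53 198.51.100.7:53125 0x1a2c reply
10:00:09.000 198.51.100.7:53126 203.0.113.10:53 0x1a2d query
"""


def find_dns_path_mismatches(capture_text):
    """Return (mismatches, unanswered) for a capture summary.

    mismatches: list of (txid, queried IP, replying IP); the queried IP is
                None when a reply matches no outstanding query.
    unanswered: sorted transaction IDs of queries that never got a reply.
    """
    outstanding = {}  # (client IP, client port, txid) -> IP the query was sent to
    mismatches = []
    for line in capture_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        _stamp, src, dst, txid, kind = line.split()
        src_ip, src_port = src.rsplit(":", 1)
        dst_ip, dst_port = dst.rsplit(":", 1)
        if kind == "query":
            outstanding[(src_ip, src_port, txid)] = dst_ip
        elif kind == "reply":
            # A reply is addressed to the endpoint the query came from.
            queried_ip = outstanding.pop((dst_ip, dst_port, txid), None)
            if queried_ip != src_ip:
                mismatches.append((txid, queried_ip, src_ip))
    unanswered = sorted(txid for (_ip, _port, txid) in outstanding)
    return mismatches, unanswered


if __name__ == "__main__":
    bad, missing = find_dns_path_mismatches(SAMPLE_CAPTURE)
    for txid, queried, replied in bad:
        print(f"{txid}: asked {queried}, answered from {replied}")
    print("unanswered:", ", ".join(missing) or "none")
```
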

  • TCP connections on Cisco ASA disconnects the database session every 30 Minutes

    Right after a firmware upgrade from 8.4.2 to 8.4.7 on our ASA 5540:
    the database app that makes a TCP connection with the database loses its connection to the database servers on the inside of the firewall.
    -Nothing changed on the process servers.
    -Nothing but firmware version changed on the firewalls.
    -Rebooting did not help.
    -Connections don't always drop every 30 minutes, but it's still almost exactly at that time, with a 90% chance of it happening. And it reestablishes in about 52 seconds.
    -The client is not willingly terminating the connections to the database servers on the inside. The connection is just going away.

    I am not seeing any error in the logs in ASA but in our client we see:
    Latest from PROD (times are in UTC):
    Sun Apr 13 10:22:10 2014 - ERR: Read from the server failed (err[36],sev[78],state[0],line[0],server[],proc[],sql[exec sp_events_insupd :p1,:p2,:p3,:p4,:p5,:p6,:p7,:p8,:p9,:p10,:p11,:p12,:p13,:p14,:p15,:p16,:p17],err_type[client])
    Sun Apr 13 11:47:09 2014 - ERR: Read from the server failed (err[36],sev[78],state[0],line[0],server[],proc[],sql[exec sp_events_insupd :p1,:p2,:p3,:p4,:p5,:p6,:p7,:p8,:p9,:p10,:p11,:p12,:p13,:p14,:p15,:p16,:p17],err_type[client])

  • SbRIO-9612 unable to close a TCP connection without causing TCP failure

    Hello,
    I'm working on a multi-server (sbRIO-9612's), multi-client (Windows PCs) application which uses the STM 2.0 libraries and LV2009 SP1. The server listens on a UDP port for the client to send a message - once sent, the server opens the TCP connection to the client and all is well . . .
    . . . until I added a "heartbeat" message to monitor for down connections. Once the TCP connection has been established, the client PC sends a TCP message (a request for the number of clients connected) to the server sbRIO-9612 every 5 seconds - both the client and server are coded to close the connection if a message is not received within 10 seconds. The client-side app works fine - if the TCP message is not returned in 10 seconds, the connection is closed and a new UDP message is sent to re-establish it.
    The server-side is the problem - if no message is received in 10 seconds, the TCP connection is closed o.k. (no errors), but the server will no longer allow new TCP connections to be established unless it's rebooted.  It seems to work fine if I leave the non-communicating TCP connections open on the server-side, but I can see this leading to problems after several clients have disconnected without notifying the server properly.
    Interestingly, if the client closes the TCP connection properly (via TCP Close in LV), the server detects it fine and there is no problem.
    I'm allowing the operating system on both sides to select the TCP port to use.
    Any help is greatly appreciated - thank you!
    Al

    Hi Al,
    Thanks for the update -- I'm glad that you were able to find that the issue wasn't actually with the TCP VIs, and moreover that LabVIEW 2010 SP1 seems to have resolved the issue. I would still recommend combing through the code on the RT end to ensure that the LabVIEW 2010 SP1 upgrade really did 'fix' the underlying issue. It's somewhat strange that a version upgrade resolved TCP communication issues that you were having. I just want to be sure that the solution is a truly stable one.
    Sanjay C.
    Embedded Software Product Manager| National Instruments

  • Migration from Forefront TMG to Ironport c680

    Hello,
    We're planning to replace Microsoft Forefront TMG with Cisco Ironport c680.
    I am here to get ideas for an easy and smooth migration (change over).
    Need expert advice to list down the tasks before migration / change over & important things to remember.
    Best Regards,
    Juned

    Standard it would be.
    Port 25 SMTP -> Inbound and Outbound for mail delivery
    Port 53 (TCP/UDP) DNS 
    Port 80 HTTP - GUI Access (for internal) and Updates/upgrades to download from internet
    Port 443 HTTPS  - (As above)
    Port 22 SSH - CLI access  (And possible for tunnel)
    Port 23 Telnet - CLI access 
    A long list would be depending on required services:
    Port | Protocol | In/Out | Hostname | Description
    20/21 | TCP | In or Out | AsyncOS IPs, FTP Server | FTP for aggregation of log files.
    22 | TCP | In | AsyncOS IPs | SSH access to the CLI, aggregation of log files.
    22 | TCP | Out | SSH Server | SSH aggregation of log files.
    22 | TCP | Out | SCP Server | SCP Push to log server
    23 | Telnet | In | AsyncOS IPs | Telnet access to the CLI, aggregation of log files.
    23 | Telnet | Out | Telnet Server | Telnet upgrades, aggregation of log files (not recommended).
    25 | TCP | Out | Any | SMTP to send email.
    25 | TCP | In | AsyncOS IPs | SMTP to receive bounced email or if injecting email from outside firewall.
    80 | HTTP | In | AsyncOS IPs | HTTP access to the GUI for system monitoring.
    80 | HTTP | Out | downloads.ironport.com | Service updates, except for AsyncOS upgrades and McAfee definitions.
    80 | HTTP | Out | updates.ironport.com | AsyncOS upgrades and McAfee Anti-Virus definitions.
    80 | HTTP | Out | cdn-microupdates.cloudmark.com | Used for updates to third-party spam component in Intelligent MultiScan. Appliance must also connect to CIDR range 208.83.136.0/22 for third-party phone home updates.
    82 | HTTP | In | AsyncOS IPs | Used for viewing the Cisco IronPort Anti-Spam quarantine.
    83 | HTTPS | In | AsyncOS IPs | Used for viewing the Cisco IronPort Anti-Spam quarantine.
    53 | UDP/TCP | In & Out | DNS Servers | DNS if configured to use Internet root servers or other DNS servers outside the firewall. Also for SenderBase queries.
    110 | TCP | Out | POP Server | POP authentication for end users for Cisco IronPort Spam Quarantine
    123 | UDP | In & Out | NTP Server | NTP if time servers are outside firewall.
    143 | TCP | Out | IMAP Server | IMAP authentication for end users for Cisco IronPort Spam Quarantine
    161 | UDP | In | AsyncOS IPs | SNMP Queries
    162 | UDP | Out | Management Station | SNMP Traps
    389 | LDAP | Out | LDAP Servers | LDAP if LDAP directory servers are outside firewall. LDAP authentication for Cisco IronPort Spam Quarantine
    3268 | LDAP | Out | LDAP Servers | LDAP if LDAP directory servers are outside firewall. LDAP authentication for Cisco IronPort Spam Quarantine
    636 | LDAPS | Out | LDAPS | LDAPS ActiveDirectory Global Catalog Server
    3269 | LDAPS | Out | LDAPS | LDAPS ActiveDirectory Global Catalog Server
    443 | TCP | In | AsyncOS IPs | Secure HTTP (https) access to the GUI for system monitoring.
    443 | TCP | Out | res.cisco.com | Cisco Registered Envelope Service
    443 | TCP | Out | updates-static.ironport.com | Verify the latest files for the update server.
    443 | TCP | Out | phonehome.senderbase.org | Receive/Send Outbreak Filters
    514 | UDP/TCP | Out | Syslog Server | Syslog logging
    628 | TCP | In | AsyncOS IPs | QMQP if injecting email from outside firewall.
    2222 | CCS | In & Out | AsyncOS IPs | Cluster Communication Service (for Centralized Management).
    6025 | TCP | Out | AsyncOS IPs | Cisco IronPort Spam Quarantine
    7025 | TCP | Out | AsyncOS IPs | Cisco Policy Virus Outbreak Quarantine.

  • How to Identify the Network Topology being used for a running ForeFront TMG Stand Alone array?

    Hello Experts,
    My client has decided to move their datacenter from one location to another, including the ForeFront TMG servers which are being used as Reverse Proxy and TMG Gateway in a DMZ environment.
    I need to know the network topology used for this configuration so that I can choose the same topology when creating the new TMG environment at the new datacenter. Here are some details:
    1. There are 2 TMG servers configured in a DMZ Workgroup in Stand Alone array.
    2. Both servers have 3 NIC attached to them. (one has all public IPs configured, another one has internal IP address and the third one has Management IP which is used to connect the server via RDP).
    3. There are more than 50 websites published via this standalone array.
    I am very new to Forefront TMG technology and need to know the Topology used to create such environment.
    Thanks 
    Lalit

    Hi,
    According to your description, you can use the 3-leg perimeter network template and choose which network adapter connects to the LAN, which network adapter connects to the external network and which network adapter connects to the DMZ.
    Did you set up TCP/IP settings for the three NICs? If not, please refer to the link below:
    Recommended Network Adapter Configuration for Forefront TMG Enterprise Edition Servers
    More information:
    Microsoft Forefront TMG – How to use TMG network templates (Note:
    Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.)
    Best regards,
    Susie

  • IPad 2 looses username and password with Microsoft Forefront TMG

    My company uses Microsoft Forefront TMG as a proxy on our Guest wireless access.  We have a guest username and password that changes every few weeks that iPads can use to access the internet at work - we are not allowed into the company network!  Although I can put the guest username and password into the authentication dialog, the username and password are lost after the iPad has been off for several minutes and I have to reenter them.  In the before iOS 5.0 versions I was able to set the wireless to automatically remember the password and to auto-fill the username and password each time.  Now, the username and password that come up were from the pre-iOS 5.0 settings - it doesn't remember the new username and password from the last time that I logged in.  This occurs with any App that attempts to log in after I turn the iPad on.  The same issue comes up with other iPads here as well.  Settings are: Auto-Join and Auto-Login set, HTTP Proxy Off.  IP address received from DHCP.
    Is there any setting that I can use to get around this problem?
    LW

    The Apps worked when I originally got it (several days ago), and I could also log onto the websites.
    Could it be my wireless router? I did notice that when my macbook pro is asleep, and I open it up to awake it, it sometimes disconnects my wifi signal (everything connected to my signal will lose it) for about 20 seconds, and then it will come back to.
    Not sure if that is connected to my problem with logging into websites and apps, but I'll just put that info out there.

  • Forefront TMG Schannel memory leak when exchange is down

    We are having an issue with our forefront TMG array that only happens when our exchange server is down (ie. for updates). As soon as the exchange server is unreachable, all TMG servers in the array start getting flooded with SCHANNEL errors (100+ a second) and will quickly leak memory until there is no more available ram, then the server becomes unresponsive and stops handling any requests. During this time, the w3p process also spikes to 100% on all servers. Once the exchange server is reachable again, the CPU spikes immediately stop, and within ~10 minutes the ram usage goes back to normal.
    The errors received are:
    36874:An unknown connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
    36888: The following fatal alert was generated: 10. The internal error state is 10.
    This issue is 100% repeatable, and happens immediately when Exchange is shut down. It even happens if I disable all web listener for exchange (OWA, RPC and ActiveSync). I can reproduce this issue in a completely separate domain/environment as well.
    The TMG servers are running SP2 with all but the most recent CU installed (7.0.9193.500).
    Any thoughts on what is causing this and how to resolve? And please do not just suggest I just disable SCHANNEL logging in the registry, because that is not the issue. Thanks.
    *edit* I have also completed the steps to disable harden SSL from this guide as they were causing our PCI tests to fail (http://www.isaserver.org/articles-tutorials/configuration-security/improving-ssl-security-forefront-threat-management-gateway-tmg-2010-published-web-sites.html), along with adjusting the cipher suites in the guide linked from that article.

    I will be glad to research this and see if it is a known issue. If you can reproduce this issue 100% of the time it may be worthwhile opening a support case with us. If this turns out to be a code defect it would be free of charge. Since it involves SCHANNEL it may be an OS related issue. Issues like this can be quite involved and would likely need memory dumps once in an unresponsive state.
    If you do open a support case let me know the number and I will take ownership of it.

  • Anyone else having an issue with TCP connections using iCloud for Windows?

    Hi,
    Before I asked this question, I did wait to see if any related questions came up, but none did, so I submit it now.
    On my admittedly older laptop running Windows 7 64b Home, I've run into difficulties with the iCloud for Windows app to the extent that I had to uninstall it.
    It would that, as my laptop was running, in the background, iCloudServices.exe would endlessly iterate TCP connections, which, while not actively sending or receiving any data, after some hours would number over 100 instances, taking up resources, and grinding my laptop's WiFi connection to a grindingly slow pace. I ended up, within the app, turning off everything, iCloud Drive and Photos, (I never used bookmarks), but still this would continue to occur.
    I contacted Apple Support, explaining what was going on, and they stated they only dealt with IOS and gave me a Microsoft Support number. When I called Microsoft support, I came more and more to the realization that the issue was specifically with the iCloud for Windows app, as that was the only software that was endlessly creating and not closing TCP connections as it was. How was Microsoft supposed to solve an issue with Apple code?
    So I called Apple back, whereupon they insisted it was a Microsoft issue. I explained other cloud services installed on the same computer were not having the same issue, it was unique to ICloudServices.exe. They stated they only dealt with IOS. I stated I purchased an iPad Air less than 7 months ago, and was trying to run iCloud in support of that.  They again stated they only dealt with IOS, and suggested I again try Microsoft. I asked them if it was reasonable to expect Microsoft to solve issues with Apple code? They said regardless, there was zero support offered for anything having to do with Windows, and all I could do was uninstall the app, which I did, though that did not feel very satisfactory to me. My thinking is, if Apple writes a Windows app in support of their hardware, they should offer support for it.
    Anyway, I was just wondering, is this an issue unique to me? or have others experienced a similar issue? I found this issue by opening the Windows Resource Monitor, looking under the Networking tab, and scrolling through the TCP Connections section to find 100+ concurrent iCloudServices.exe instances listed, whereas even Chrome, with multiple tabs and extensions, topped out at around 20.
    My one month old Desktop, DYI, sports a solid Asus 1150 MoBo, i7-4790k cpu, 16GB Ram, and an EVGA GTX 970 video card. I list some specs only to illustrate this computer has no hardware issues in comparison to my long in tooth laptop. On this desktop, running Win 8.1 Pro 64b,  at least as many, identifiably Apple, background service TCP connections are created even compared to Chrome, regardless of many tabs being open, many extensions, and even some related apps. Adobe does not even come close, though I run the full CC subscription. On this new computer, running Windows 8.1 Pro 64b, there are currently over 50 TCP connections and loopbacks that do not identify themselves, with just a - for the Image, and PID. With the experience on my laptop, I wonder how many of these are generated by Apple software, if not specifically iCloud software?
    The frustrating aspect of these connections is they seem in no way active, While the Chrome and Adobe connections can be seen to be transferring data, as long as I am not running iTunes, or so have my iPad actually plugged in, it seems 99% of the time these iCloudServices.exe connections are just taking up ports, neither sending nor receiving any data discernable to me under the Processes with Network Activity, or Network Activity lists, both displayed in the same window as the TCP Connections in the Windows Resource Monitor.
    Though I am fairly ignorant as regards coding, it seems as if there is no call to close a connection, very specifically, iCloudServices.exe, when it is no longer needed, and the next time a connection is needed, a new one is opened, rather than accessing the one previously opened. The only other reason I could imagine this might be occurring is if my Norton Internet Security software might mask and/or block the port after a certain time of inactivity.
    Anyone out there have any ideas or advice about this? Thanks in advance.

    Thanks jared,
    I'm still dealing with this issue through Apple. Some time after I posted this, I contacted Apple again. They did start a case up for me, as I was experiencing the same behavior on two different machines, with two different versions of Windows.
    So far it remains unsolved. I've logged iClouds for Windows on my desktop, which is brand new, then logged for awhile after completely uninstalling Norton Security Suite, depending on the Microsoft security for some time, and finally logged after I uninstalled iCloud for Windows, restarted, installed a clean download, and connected using a completely different test account, which Apple set up for me. None of this made any difference. Looking at the logs, it seems every 10 minutes, iCloudServices.exe creates a new TCP connection to confirm I'm using less than 5GB on iCloud, (which I am by a good margin, using less than 2GB), it seems this connection is not closed, and when the next iteration rolls around 10 minutes later, a new TCP connection is created. I come very close to having 6 TCP connections created per hour, until I restart my computer. This works out to... 6 x 24 = 144/day.
    Perhaps the article you posted will shed some further light on this. I'm thinking seeing the state of the connection through netstats, at the least, could help.
    For the last week, I've been putting a hold on further logging, as Apple wants me to create a new user account on one of my computers, install iCloud for Windows there, and log it running in the other account. This however basically means I cannot use my computer for a fair number of hours, and I've been busy enough with work the past week that I haven't the time or energy to afford to set this up and run it. I've had need of my computers too much for the past week.

  • Ipod disconnects immediately after being connected to computer

    Every time I plug my iPod into my computer it says "Connecting" then it says "Ejecting" and then "OK to disconnect"! WHY????? It does not show up in the sidebar in iTunes, and it does not show up in My Computer.
    I have plugged it into every USB port on my computer, none of them worked
    I have already updated iTunes.
    I have already put the iPod in disk mode.. that did NOTHING.
    I know it's not a problem with my USB ports, because other devices work JUST FINE in them
    I know it's not an issue with the USB cable because I plugged my iPod into another computer and my iPod did not disconnect right after being connected
    PLEASE help me get my iPod to work on this computer. And I don't want answers telling me to use the other computer. My Library is on THIS computer. Not only that, iTunes doesn't even work on the other computer.

    Reset the Bose device
    - Reset the iOS device. Nothing will be lost.
      Reset iOS device: Hold down the On/Off button and the Home button at the same time for at least ten seconds, until the Apple logo appears.
    - Reset all settings
      Go to Settings > General > Reset and tap Reset All Settings.
      All your preferences and settings are reset. Information (such as contacts and calendars) and media (such as songs and videos) aren't affected.
    - Restore from backup. See:
      iOS: How to back up
    - Restore to factory settings/new iOS device.

  • Forefront TMG 2010 Error from management console

    Hi,
    I am having a problem connecting to a TMG 2010 array from an installation of TMG management console. We are receiving the error 'Refresh Failed' 'Error 0x80070057' 'The Parameter is incorrect'.
    The only article I can find on this error is this http://support.microsoft.com/kb/2591719 which doesn't seem to apply to our setup or this problem, but I have applied Service pack 2 anyway but still get the same error. The only other thing I can find is a few people saying the management console needs to be at the same version as the TMG servers you are trying to connect to, but I cannot see how this can be done, as when I try to run the service pack on the machine with only the management console I get an error as the full installation is not there.

    Hi,
    Firstly, have you found any related information in the event logs?
    Next, you can check the version of the TMG server from the TMG help menu, TMG system node or using Control Panel. For more detailed information, please refer to the link below:
    How to Determine Which Version of TMG Server 2010 Is Installed
    In addition, what hotfix rollup or Service pack have you installed? Please refer to the recommended order below:
    Forefront TMG 2010 Service Pack, Rollup, and Version Number Reference
    Best regards,
    Susie

  • FOREFRONT TMG 2010 CRITICAL ISSUES

    Dear all,
    I installed and configured the Microsoft Forefront TMG in my company's network. It's been done two weeks ago. Since then, everything is working fine and all intranet computers have worked well.
    This is a two NIC server (LAN and WAN on the same machine) and WINDOWS SERVER 2008 R2 OS.
    When I ran the Microsoft Forefront Best Practise Analyzer Tool, I got these two critical errors:
    FIRST
    "Connection to Update Source Failed"
    This machine has been upgraded normally from Microsoft Update service, I really do not know the why about this issue.
    SECOND
    "The primary configuration storage server failed to respond on port 2172"
    This second issue appears twice in the critical errors listed.
    Can you guys help me on that?
    Clemilson Correia IT Specialist

    Hi,
    Thank you for your post
    Port 2172 is used as the SSL control channel for authentication to the LDAP ADAM directory used by the Enterprise Management Service. Since you stated that these are part of a domain, this error is probably benign in that. So, with that said, let’s look at that error and how to troubleshoot it.
    1. Use ADSIEdit.MSC to troubleshoot.
    2. For “Connection Point”, select the radio button for “Select or type a Distinguished Name or Naming Context:” In the text box, enter (without quotes): “cn=fpc2”.
    3. For Computer, use “Select or type a domain or server: (Server|[:port])” and in the text box enter {name or IP address of the EMS server}:2171.
    4. If the EMS server is able to be contacted from the array node, then you will see a successful connect and be able to expand out the LDS tree.
    If you are successful in this connection, then there is probably nothing to worry about.  If you cannot, please let me know and we can go about looking at reasons why it is unable to connect.
    http://social.technet.microsoft.com/Forums/forefront/en-US/f165648c-50da-485c-a77c-ac21089e08d4/tmgbpa
    Additionally, you need to check the system requirement for BPA:
    http://www.isaserver.org/articles-tutorials/configuration-general/Microsoft-Forefront-TMG-Best-Practice-Analyzer.html
    Best Regards
    Quan Gu

  • Using non blocking connect() call for SCTP sockets in Solaris10

    Hi,
    I have a problem with non blocking connect call on SCTP socket.
    I am using the sctp stack support in Solaris10.
    When the connect is successful, I can get the pollout event on the socket.
    But there is no event observed when the peer does not exist. In other words, I could not get the pollout event on connection failure. This logic works fine with TCP sockets on both Solaris and Suse10.
    I am working with SCTP one-to-one style sockets.
    Is there any way to handle this issue?
    Do I need to load any patch to resolve this issue?
    It will be great if I get a solution in this regard.
    Thanks in advance.
    Best Regards,
    Bipin.

    There are at least two problems here.
    A. In the receiver you should test for -1 from the read() immediately, rather than continue with the loop and try to write -1 bytes to the file.
    B. In the sender you are ignoring the return value of client.write(), which can be anything from 0 to the buffer length. If you get 0 you should wait for another OP_WRITE to trigger; if you get a 'short write' you need to retry it until you've got nothing left to write from the current buffer, before you read any more data. This is where the data is vanishing.
