Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Symptoms

A server that's running Microsoft Forefront Threat Management Gateway (TMG) 2010 may stop accepting all new connections and become unresponsive. This issue may occur after somewhere between several hours and several days of server uptime.

When this condition occurs, users may be unable to establish a Terminal Services session to the server. User authentication of requests may also be unsuccessful, because the Forefront TMG server may lose its connection to the domain controller.

In this situation, Performance Monitor may display the following:

  • The Backlogged Packets counter in the Forefront TMG Firewall Packet Engine may show a very large increase. This increase can reach a level of more than 1,000 packets in the queue.

  • The Available Worker Threads counter in the Forefront TMG Firewall Service may suddenly decrease to zero.


Cause

This problem occurs because of a race condition between the Forefront Threat Management Gateway Firewall service and local system processes such as the DNS Client service or the Local Security Authority Process (LSASS). Specifically, in a heavy load environment, when all work items that have to be completed are processed, insufficient priority is given to some tasks that should be completed first. This causes the race condition.

Resolution

To resolve this problem, install Rollup 5 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2.

Note Although this issue was first fixed in Rollup 3 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2, we have identified additional conditions that could cause this problem.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

This fix prevents the race condition between the Forefront Threat Management Gateway Firewall service and local services that are running on the Forefront TMG server by reserving more worker threads and giving increased priority to more important tasks that are related to local host traffic processing.

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×