FIX: The Firewall service may stop responding to all traffic on a server that is running Forefront Threat Management Gateway 2010

Article ID: 2705829 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

Consider the following scenario:
  • You enable HTTPS inspection in the Web Access Policy on a server that is running Microsoft Forefront Threat Management Gateway (TMG) 2010.
  • You have clients that access Secure Sockets Layer (SSL) websites through Forefront TMG when a proxy server is not defined.
  • You installed a third-party web filter that calls the WriteClient API.

In this scenario, the Firewall service (Wspsrv.exe) in Forefront TMG may stop responding to all traffic until the Firewall service or the server is restarted.

CAUSE

This problem occurs because the call to the WriteClient API from a third-party web filter may cause a deadlock situation that blocks all worker threads in the Firewall service.

RESOLUTION

To resolve this problem, install the hotfix package that is described in the following Microsoft Knowledge Base article:
2689195 Rollup 2 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2

WORKAROUND

To work around this problem, use one of the following methods:
  • Disable the third-party web filter.
  • Disable HTTPS inspection.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 2705829 - Last Review: May 4, 2012 - Revision: 1.0
APPLIES TO
  • Microsoft Forefront Threat Management Gateway 2010 Service Pack 2, when used with:
    • Microsoft Forefront Threat Management Gateway 2010 Standard
    • Microsoft Forefront Threat Management Gateway 2010 Enterprise
Keywords: 
kbqfe kbfix kbexpertiseinter kbbug kbsurveynew KB2705829

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com