Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.


Consider the following scenario:

  • You install Microsoft Exchange Server 2010 on a computer.

  • You publish Exchange Server 2010 by using Microsoft Forefront Threat Management Gateway (TMG) 2010.

  • You use a Microsoft Outlook Web App (OWA) 2010 client to connect to the server.

In this scenario, the connection does not time out after the inactivity time elapses.

Note This issue does not occur in the following two situations:

  • You use an OWA 2010 client to connect to the computer directly when Forefront TMG 2010 is bypassed.

  • You use an OWA 2010 light client or an OWA 2007 client that is published by Forefront TMG 2010 to connect to the Exchange server.


This issue occurs because of a new functionality in OWA 2010. This new functionality causes Forefront TMG 2010 not to recognize the inactivity time when the client is idle.

The new functionality sends HTTP requests even when the client is idle. The client sends a keepalive request (/owa/keepalive.owa), and then the client sends more information about the activity of the user by adding the following path of the published OWA URL:

/owa/ev.owa?UA=0The new design in Exchange Server 2010 for the OWA client that sends this request has a UA parameter for user activity. When this parameter is set to 0, Exchange Server 2010 Client Access Server (CAS) ignores the request and does not treat this request as a request of user activity.

When an OWA 2010 client connects to the CAS directly instead of through Forefront TMG 2010, the CAS times out the connection caused by inactivity by using this parameter. When Forefront TMG 2010 continuously receives this request, and when Exchange Server 2010 is published by using Forefront TMG 2010, the UA parameter is not recognized by Forefront TMG 2010. Therefore, inactivity time is not recognized.


After you apply this update, Forefront TMG 2010 reads the UA parameter from an OWA URL. If this parameter equals 0, Forefront TMG 2010 ignores the request and does not count the time as the activity time of the user.

Update information

To resolve this issue, install the software update that is described in the following Microsoft Knowledge Base (KB) article:

2475183 Software Update 1 rollup 2 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 1


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?

Thank you for your feedback!