No thoughts on this one folks? Or will I need to call PSS? Thanks, Rob From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Rob Moore Sent: Friday, May 14, 2010 11:08 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Accessing live media streams over TMG OK, now another question. A user in our External Affairs department (deals with media) needs to listen to the live stream for our local public radio station. She goes to www.whyy.org<http://www.whyy.org> and clicks on the Listen Live link. On the "Listen Live" page, she clicks on the "Listen with Windows Media Player link. When we were on ISA 2006, this worked. On TMG it fails. I'll post the TMG error at the bottom of my message. If I turn off Malware Inspection, the live stream works. I tried turning Malware Inspection back on but putting *.whyy.org into the Destination Exceptions list (in Malware Inspection). That didn't help. Just for kicks, I tried listening to the live stream from www.wnyc.org<http://www.wnyc.org>. Both streams are in the asx format. The one from wnyc.org works. Offhand, I can't think of why one asx stream works and another one doesn't. The computers in question are all SecureNAT clients. Any thoughts about what's going on? Here's the error I'm getting: Client Agent Authenticated Client Service Referring Server Destination Host Name Transport HTTP Method Filter Information MIME Type Object Source Cache Information Error Information Source Port Session Type Bidirectional Network Interface Raw IP Header Raw Payload Processing Time Bytes Sent Bytes Received Original Client IP GMT Log Time Authentication Server UAG Array Id UAG Version UAG Module Id UAG Id UAG Severity UAG Type UAG Event Name UAG Session Id UAG Trunk Name UAG Service Name UAG Error Code Internal Service Info Log Field Client Application SHA1 Hash Client Application Trust State Client Application Internal Name Client Application Product Name Client Application Product Version Client Application File Version Client Application Original File Name Client FQDN URL Categorization Reason Forefront TMG Client Version URL Destination Host Name Log Time Client IP Destination IP Destination Port Protocol Action NIS Scan Result NIS Signature NIS Application Protocol Rule Result Code HTTP Status Code Client Username Source Network Destination Network URL Server Name URL Category Log Record Type Malware Inspection Action Malware Inspection Result Threat Name Threat Level Content Delivery Method Malware Inspection Duration (msec) NAT Address Client Application Path NSPlayer/11.0.5721.5251 Yes Proxy 207.245.67.204 TCP GET Req ID: 04105d1a; Compression: client=No, server=Yes, compress rate=0% decompress rate=0% Internet 0x40000004 0x400 1566 SecureNAT - - - 109 21883 556 - 5/14/2010 2:42:41 PM 0 0 0 0 - - - - - - - Not in database - 207.245.67.204 5/14/2010 10:42:41 AM 172.17.201.86 207.245.67.204 80 http Failed Connection Attempt Inspected Allow Web Access for All Users 12210 An Internet Server API (ISAPI) filter has finished handling the request. Contact your system administrator. anonymous Internal External http://207.245.67.204/ PHL-TMG1 Unknown Web Proxy Filter Blocked Response with Unsupported Format Received 0 209.120.230.99 - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Rob Moore Network Manager 215-241-7870 Helpdesk: 800-500-AFSC