Assuming all clients use the same TMG network interface, probably. What appears in the TMG client auto-detection window? From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan Sent: Thursday, February 02, 2012 11:18 AM To: 'isalist@xxxxxxxxxxxxx' Subject: [isalist] Re: TMG Client Thanks, I had already changed the address (where shown below) to the IP address of the server instead of a DNS name. Do you think that will work better? From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> [mailto:isalist-bounce@xxxxxxxxxxxxx]<mailto:[mailto:isalist-bounce@xxxxxxxxxxxxx]> On Behalf Of Jim Harrison Sent: Wednesday, February 01, 2012 9:45 AM To: isalist@xxxxxxxxxxxxx<mailto:isalist@xxxxxxxxxxxxx> Subject: [isalist] Re: TMG Client Sadly, although fwctool and TMGC both use DHCP, DNS, HTTP and RWS to validate auto-detection, each one employs slightly different methodology. TMGC received some changes in response to the WPAD vulnerability<http://technet.microsoft.com/en-us/security/advisory/945713> that fwctool did not. There was much discussion about syncing them before ship so that they would behave identically (and thus avoid your confusion), but unfortunately, fwctool failed to make the cut. WPAD operation and the TMG settings that affect it are described in the TMG book in chapter 15 and Appx C. 99 times out of 10, the problem you describe is name resolution (usually a lack of proper domain suffix). You need to ensure that your array "DNS name" is properly set : [cid:image001.png@01CCE1A2.5CC18640] ..and that each protected network has the TMGC settings configured for the DNS suffix it serves: [cid:image002.png@01CCE1A2.5CC18640] Network Monitor has built-in filters designed specifically to help you troubleshoot such issues. Bear in mind that Jim From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> [mailto:isalist-bounce@xxxxxxxxxxxxx]<mailto:[mailto:isalist-bounce@xxxxxxxxxxxxx]> On Behalf Of Ball, Dan Sent: Thursday, January 26, 2012 11:59 To: isalist@xxxxxxxxxxxxx<mailto:isalist@xxxxxxxxxxxxx> Subject: [isalist] TMG Client Is there any particular reason why the TMG client would come up with "Failed to detect Forefront TMG" Immediately upon pressing the Detect Now button, but when running the "fwctool testautodetect" command it shows a success? I have a few computers doing that. Setting it manually works.