The Mysterious Case of the Stolen Port 80 on a TMG Firewall
Remember the heady days of ISA 2000 when everyone and his brother wanted to install IIS on the ISA 2000 firewall? It was easy to understand, since many thought of ISA 2000 as the next version of the Proxy 2.0 web proxy server. And since Proxy 2.0 was build on IIS, it sort of made sense. However, over the years ISA and subsequently TMG firewall admins have learned that if they want to host web services, its best to not turn your firewall into a web server
So what about this case of the stolen port 80 on the TMG firewall? Your first thought might be that someone FUBAR’ed the installation and installed IIS on the TMG firewall. Nope, that wasn’t the case. Also, no 3rd party products were installed on the TMG firewall that steal TCP port 80 from wanting and waiting Web Listeners.
If no web server is installed on the TMG firewall, and there are no 3rd party products installed on the TMG firewall, and there are no Web Listeners using TCP port 80, what could be stealing this port?
Check out the TMG Firewall Team blog and find out the answer!
DEBRA LITTLEJOHN SHINDER
MVP (Enterprise Security)