Does Microsoft TMG 2010 handle websockets, at least through SSL?


I thought in my own insanity that if I published an IIS 8 web server with websockets through HTTPS there shouldn't be a problem even with the TMG.

However, regardless of publishing, filtering and request settings, I don't see any websocket connection upgrade requests reaching the web server when going through the TMG.

Using SignalR I get fallback to whatever lesser transport the browser in question supports. It works great whenever I bypass the TMG of course.

Do I need to find another firewall / filter to get this to work or is there a way?

I'm having trouble even finding information on what products support web sockets; all I see is that weird quote about less than 1% of current proxy servers are incompatible, and using HTTPS should alleviate any problems. And whenever I throw "websocket" into a Google search with a Microsoft product – the result is simply gibberish and/or malware sites.

tl;dr: I realize Windows Server 2012 is still not RTM, but is there a way to establish IIS 8 websocket connections through a TMG 2010 SP2?

Best Answer

So this is how I finally got this working:

  • Don't use Web Site publishing rules, use a Non-Web Server rule instead
  • Use the default HTTPS Server protocol definition
    • Do not enable any filters in the protocol
  • In the To section of the rule, have requests appear to come from the original client
  • Also, unrelated but alas, make sure the Web Server is a SecureNAT client (i.e. its default gateway is the TMG in question)

This has some limitations but works for my need: publish IIS 8 ASP.NET 4.5 sites that utilize web sockets.
