Forefront TMG 2010: Open all ports between 2 TMG servers

mbromb
How can I make sure that all ports are open between 2 separate stand-alone TMG servers?
Keith Alabaster, Enterprise Architect
Top Expert 2008

Commented:
The obvious answer would be to open the gui on each and test it.......
Commented:
Hi,
 
Maybe by adding a specific rule on each TMG server and putting this rule at the first position in the list. The rule would be:
Allow, All outgoing traffic, from "Local host" and "IP of other TMG server", To "Local host" and "IP of other TMG server", "All users"
 
Hope this helps
 
Have a good day

Author

Commented:
"open the gui on each and test"  How are you suggesting I test or verify using the GUI?

I've added them to the "Remote Management Computers" network object.  That seems to open the servers up to each other, but I'm not sure that everything is open.  I suppose I could Telnet to any ports I'm concerned about, but I feel like there has to be a documented way to allow a remote computer access to all local ports.

I have tried the rule, but it didn't seem to work at the time.  I'll have to revisit that.

Thanks!

Commented:
Hi,
No. Adding the TMG servers to the "Remote Management Computers" object will only allow some remote management ports like RDP, RPC, etc... IT WILL NOT allow all ports.
If you want to allow ALL ports between the servers YOU MUST create a rule for that like I explained before.
 
Have a good day

Author

Commented:
Got it! Thanks!
