TMG Server on Hyper-V behind Cisco ASA problem
Posted on 2010-09-02
I have installed Threat Management Gateway 2010 as a back end firewall configuration on a virtual server on a Windows Server 2008 Hyper V host, this has 2 virtual network cards on 2 different VLANS (100 and 1001) and plugs into my 3COM core switch, I have a Cisco ASA that also plus into my core switch allowing VLANS 100 and 199), my internet connection also plugs onto the core switch on VLAN 199.
The TMG server is new, before I added this the core switch passed any external requests onto the ASA which routes out to the internet line.
I am now trying to use the TMG server as a web proxy to block internet access to anyone without an allow rule and monitor what those are accessing it are looking at.
The TMG server can access the internal network fine and the default gateway is set to vlan 100 (to the ASA which it can ping).
I can't however access the internet from the TMG server it responds with a 10060 connection timeout and says the gatewat could not receive a timely response....
I would like to keep the ASA in place as a front firewall and just use TMG as a back firewall and proxy server for controlling internet.
Can anyone point me in the direction of where I am going wrong? Diagram attached.