Solved

Forefront TMG simulation thru vmware

Posted on 2010-11-29
13
1,781 Views
Last Modified: 2012-05-10
Is it posible to simulate Forefront TMG on vmware workstation test lab?

iam planning to have sharepoint 2007, exch 2007 and 2008 AD environment.

please help.
0
Comment
Question by:charles_lawrence
  • 5
  • 5
  • 3
13 Comments
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 34228981
Yes it is.
0
 
LVL 22

Accepted Solution

by:
Luciano Patrão earned 500 total points
ID: 34228982
Hi

Yes i have implemented some TMG on VMs. There is no difference between the VM or a physical machine. The network is the same.

You just need to put the network settings according the VLAN(if exists), or using dedicated Network Adapters.

I have done this with TMG, and also with ISA Servers.

Jail
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 34229031
Up to what extent did you simulate it? does it posible to use the ordinary ADSL line at home to simulate access to internet (block certain websites) thru TMG OR emails if posible
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 34229045
Yes I did and test it to publish exchange services and websits ...

one more thing, I have 3 production ISA server and one TMG server running on VM ( hyperv) for about 2 years without any issue
0
 
LVL 22

Expert Comment

by:Luciano Patrão
ID: 34229100
Hi

Yes you can, now it depends what VMware do you want to use. VMware ESXi is one configuration, Workstation is another configuration.

Jail
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 34236493
@ Bestway and Sulimanw- iam using vmware workstation v7 only.

@ Sulimanw, you said- Yes I did and test it to publish exchange services and websits ...

Can you guide me on how to do this. Appreciated.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 34237381
0
 
LVL 22

Expert Comment

by:Luciano Patrão
ID: 34237820
Hi

With Workstation you need to dedicate one of the Network Adapter to connect to your ADSL Router, to use as a gateway/firewall.

Use the VMware Virutal Network Editor

Jail
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 34245421
Hi Bestway, thank you for your patience to enlighten my ignorance :)

ok. adsl is hacing dynamic public ip.  can i do an actual implementation on my lab network to simulate "real" office setup.

objective:
- to send/ receive maill.
- to access owa.

what do i need to have?
- a registered domain?
- services like no-ip or dyndns because of dynamic ip?
- ssl for owa?

Thank you.
0
 
LVL 22

Expert Comment

by:Luciano Patrão
ID: 34246004
Hi

For NS I use www.zoneedit.com(just put this NS into your register domain) in your  and for the IP yes you can use no-ip.

For my I only use 2 thinks, a registered domain(for my testes I have more than one), zoneedit NS and for the dynamic IP I use in the server the tool DirectUpdate that changes my IP address directly in the zoneedit, when the ADSL ISP change the IP.

With this you can have a mail server and webserver working without any problem. And then the TMG or even ISA Server, configuration is normal as in any physical server.

Hope this can help you

Jail
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 34266190
Hi BestWay,

I registered my own domain in godaddy and use zoneedit name server for my dynamic ip.

but it seems theres an error when i use checkdns.net for my domain (attached pics)

this is what i did:
- purchased domain in godaddy
- register in zoneedit/ create zone
- changed Nameserver in godaddy to use ns4.zoneedit.com and ns19.zoneedit.com
- install DirectUpdate sofware to update the zoneedit record once isp change adsl public ip.
- my VMs can access the internet.

checkdns-error.jpg
ZoneEdit-entry.jpg
DirectUpdate.jpg
0
 
LVL 22

Expert Comment

by:Luciano Patrão
ID: 34266344
Hi

@charles_lawrence I never answer questions that are not related with the initial question(this is EE policy).

But regarding this I give you 1 or 2 comments.

First register the domain in the godaddy
Register in the zoneedit
Use the NS and add into your godaddy domain register

Install DirectUpdate into the server and create a DNS Account that connect to your zoneedit and update the IP into any register (example: mail.domain.com)

Create you zone in the zoneedit(that is your domaini), then create a A record or MX like www.domain.com with your IP, or only domain.com with your server IP.

Then in the directupdate you need to create an DNS account for each & AAAA records, MX records, SRV records, that you created in the zoneedit.

I have 3 zones(domains) in my zoneedit, and on each one I have more than 10 or 20 records created(like mail.domain.com, webmail.domain.com, www.domain.com, subdomain.domain.com) and in DirectUpdate I need to create an DNS account for each record to update the IP for everytime the IP changes.

I see that your domain and NS are all ok. But you need to create a A record, or MX record on the zoneedit.

This is your domain:

Non-authoritative answer:
cbthelpsme.com  nameserver = ns4.zoneedit.com
cbthelpsme.com  nameserver = ns19.zoneedit.com

ns4.zoneedit.com        internet address = 216.98.150.236
ns19.zoneedit.com       internet address = 216.227.210.10

The domain its ok and have a good register on the Internet.

Hope this can help you

Jail
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 34272265
Hi Bestway,

Great! checkdns.net can now resolved my domain. Thank you for your help.

additional for your comments i did "publish" my zone in ZoneEdit and created A and NS record.

Thank you.

For TMG, let me work with my domain first then i will implement TMG in my lab.

Points for you. :)
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

#Citrix #XenApp #Citrix Scout #Citrix Insight Services #Microsoft VMMAP #Microsoft ADEXPLORE #Microsoft RAMMAP #Microsoft TCPVIEW #Microsoft AUTORUNS #Microsoft PROCESS EXPLORER #Microsoft PROCESS MONITOR
When we have a dead host and we lose all connections to the ESXi, and we need to find a way to move all VMs from that dead ESXi host.
Teach the user how to use configure the vCenter Server storage filters Open vSphere Web Client:  Navigate to vCenter Server Advanced Settings: Add the four vCenter Server storage filters: Review the advanced settings: Modify the values of the four v…
Teach the user how to configure vSphere clusters to support the VMware FT feature Open vSphere Web Client: Verify vSphere HA is enabled: Verify netowrking for vMotion and FT Logging is in place or create it: Turn On FT for a virtual machine: Verify …

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now