I have a network where the main firewall is SA5510. I recently added a Microsoft TMG server to this network for caching and proxying. Presently all the local area network has access to internet. Please see this: (access-list ATM extended permit tcp 192.168.100.0 255.255.255.0 any eq www). All the clients' gateway is ASA.
Well, now i want people to use web proxy (TMG) and ASA should allow only TMG server. what's the command to full fill this?
Please keep in mind that, One internal DNS server also plays as forwarder, so we need to give access the DNS server also in asa besides TMG, or TMG will take care of this? TMG is single interfaced.
Thanks for your quick help