Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Ports required for TMG 2010

Posted on 2012-03-18
3
Medium Priority
?
660 Views
Last Modified: 2012-04-01
Dear All,

I’m planning to install TMG 2010 SP2 as a standalone array (2 servers) connected directly to the firewall.

I’ll use the TMG 2010 for everything almost (proxy, exchange publishing, shrepoint publishing, Lync, VPN … etc)

I would like to know what are the required ports that I have to open in the Cisco firewall which the TMG connect to directly.

Thanks
0
Comment
Question by:ACS2012
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 1000 total points
ID: 37736531
The obvious ones are TCP for ports 25, 80 and 443 inbound and outbound for internal web browsers going out and publishing internal Exchange and Sharepoint to external users (although you may decide not to let port 80 inbound unless you have a normal internal web site you want to make available). You will need multiple external ip addresses and each will need one or more of these ports associating with them. i.e. you will not be able to publish lync, exchange and sharepoint all over one ip address - it would be a nightmare.

You will need to decide which ports you want to use for the additional services you want to make available.
0
 

Author Comment

by:ACS2012
ID: 37736603
i have multiple public ip's, that's ok.

but i need to know the required ports for each service.
0
 
LVL 22

Accepted Solution

by:
Jakob Digranes earned 1000 total points
ID: 37736649
as Keith says - most will need 80 and 443

then you must specify which services you want to deploy: All ports TCP
Lync will require one public IP - port: 443 (and possibly 80)
Exchange will require on public IP: port 80 and 443
sharepoint same ports..

proxy would be internal - i guess you mean web proxying from inside.
VPN - what service? SSL - port TCP443, pptp port TCP1723 (please don't use), IKE-UDP500

And for LYNC you need to deploy several other services directly on firewall (AV, SIP and Web Conference)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question