Solved

Ports required for TMG 2010

Posted on 2012-03-18
Last Modified: 2012-04-01
Dear All,

I’m planning to install TMG 2010 SP2 as a standalone array (2 servers) connected directly to the firewall.

I’ll use the TMG 2010 for almost everything (proxy, Exchange publishing, SharePoint publishing, Lync, VPN, etc.).

I would like to know which ports I have to open on the Cisco firewall that the TMG connects to directly.

Thanks
Question by:ACS2012
3 Comments
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 250 total points
ID: 37736531
The obvious ones are TCP ports 25, 80 and 443, inbound and outbound, for internal web browsers going out and for publishing internal Exchange and SharePoint to external users (although you may decide not to let port 80 inbound unless you have a normal internal web site you want to make available). You will need multiple external IP addresses, and each will need one or more of these ports associated with it, i.e. you will not be able to publish Lync, Exchange and SharePoint all over one IP address - it would be a nightmare.

You will need to decide which ports you want to use for the additional services you want to make available.
 

Author Comment

by:ACS2012
ID: 37736603
I have multiple public IPs, that's OK.

But I need to know the required ports for each service.
 
LVL 22

Accepted Solution

by:
Jakob Digranes earned 250 total points
ID: 37736649
As Keith says - most will need 80 and 443.

Then you must specify which services you want to deploy. All ports TCP:
Lync will require one public IP - port: 443 (and possibly 80)
Exchange will require one public IP: port 80 and 443
SharePoint: same ports.

Proxy would be internal - I guess you mean web proxying from inside.
VPN - what service? SSL - port TCP 443, PPTP - port TCP 1723 (please don't use), IKE - UDP 500

And for Lync you need to deploy several other services directly on the firewall (AV, SIP and Web Conference).
0
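
One way to check a Cisco inbound ACL against the per-service ports listed in this thread, as an added example that is not part of any post above. The ASA-style rule syntax, the ACL name, the 203.0.113.x addresses, the assignment of SMTP to the Exchange address and the `audit` helper are assumptions made for illustration. Lync's additional services, whose ports the thread does not list, are left out.

```python
import re

# Inbound allow-list built from the ports named in this thread.
# IPs are constructed RFC 5737 documentation addresses, one per service (assumption).
ALLOWED = {
    "203.0.113.10": {("tcp", 25), ("tcp", 80), ("tcp", 443)},  # Exchange (+ SMTP)
    "203.0.113.11": {("tcp", 80), ("tcp", 443)},               # SharePoint
    "203.0.113.12": {("tcp", 443)},                            # Lync (80 only if needed)
    "203.0.113.13": {("tcp", 443), ("udp", 500)},              # VPN: SSL, IKE
}
# Port names as ASA-style configs print them in place of numbers.
NAMES = {"smtp": 25, "www": 80, "https": 443, "isakmp": 500, "pptp": 1723}
RULE = re.compile(r"permit\s+(tcp|udp|ip)\s+any\s+host\s+(\S+)(?:\s+eq\s+(\S+))?\s*$")

# Constructed sample ACL; the ASA-style syntax is an assumption.
SAMPLE_ACL = """\
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq smtp
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq https
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.11 eq 443
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.12 eq https
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.12 eq 3389
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.13 eq pptp
access-list OUTSIDE_IN extended permit udp any host 203.0.113.13 eq isakmp
access-list OUTSIDE_IN extended permit ip any host 203.0.113.11
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.99 eq www
"""

def audit(acl_text):
    """Return (line_number, reason) for each permit rule outside the allow-list."""
    findings = []
    for n, line in enumerate(acl_text.splitlines(), 1):
        m = RULE.search(line)
        if not m:
            continue  # only simple 'permit <proto> any host <ip>' rules are checked
        proto, host, port = m.groups()
        if host not in ALLOWED:
            findings.append((n, f"{host} is not a published address"))
        elif port is None:
            findings.append((n, f"{proto} to {host} has no port restriction"))
        else:
            num = NAMES.get(port, int(port) if port.isdigit() else None)
            if (proto, num) == ("tcp", 1723):
                findings.append((n, "PPTP (tcp/1723) is discouraged in this thread"))
            elif (proto, num) not in ALLOWED[host]:
                findings.append((n, f"{proto}/{port} is not required on {host}"))
    return findings

if __name__ == "__main__":
    for n, reason in audit(SAMPLE_ACL):
        print(f"line {n}: {reason}")
```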

Question has a verified solution.
