Link to home
Start Free TrialLog in
Avatar of Patrick Elsen
Patrick ElsenFlag for Belgium

asked on

Different authentication for internal and external access through TMG 2010

Suppose you need to publish some sites both internally and externally using TMG 2010...

When a user is "internal" (connected to the LAN), we do not want users to enter extra authentication to access the site as they are already logged in using their active directory account.

When the same user is "external" (coming in through the internet - we have a hardware firewall in front of the TMG), we want the users to enter their userid/password before being admitted to the same site.

Is this is configuration that can be setup with TMG 2010? How should this be done?
Avatar of Pradeep Kini
Pradeep Kini
Flag of India image

1. Is the TMG a part of a workgroup or added to an AD domain ?
The servers are a Part of the LAN and since the users Authenticate against the AD, you donot need additional user/password for authentication, but when the users accesses the applications / websites the user should use the AD user name/ pwd? correct me if wrong.

You will need to register the application on the public DNS and map it to the public IP.
If TMG is the perimeter firewall then assign the public IP on external interface and create a web publishing rule.
Avatar of pwindell
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial