Publishing Lync IIS with Forefront TMG on Non Domain Joined PCs

Posted on 2012-08-17
Last Modified: 2012-08-20
I successfully setup the reverse proxy for my lync server with forefront TMG.  When I test the published IIS pages externally on a laptop that is joined to the domain it works with no issues as per the instuctions i followed from technet to create reverse proxy.

If I try connecting from a non domain pc i get the cert error.  I have tried exporting the CA chain and public edge cert with still no luck.

Is there a security setting that is blocking this somewhere?

Question by:brandywine
    LVL 12

    Accepted Solution

    The Edge Server certificate has nothing to do with the TMG server.  See this article for a deeper explanation of the proper setup:

    If the certificate on the TMG server is public then you don't need to export any of the chain to the external workstations.  But the fact that the domain-joined computer work while the others do not tells me that something about your TMG configuration is most likely leveraging internal certificates and not public certificates.

    What is your certificate setup in TMG?

    Author Comment

    when I created the reverse proxy I chose the external cert that was for the edge server - Do I need another public cert for the TMG and if so, how do I create it?


    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Join & Write a Comment

    Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
    Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now