Solved

Setup ForeFront TMG as a forward proxy

Posted on 2013-01-15
4
1,141 Views
Last Modified: 2013-01-29
Hi,

We have a client that has requested a Forefront TMG 2010 server be installed and configured as a forward web proxy ONLY. They don't want any of the other cool Forefront features.

As per their spec, I've installed the Forefront server in a single adapter setup with it on the DMZ network and added the LAN ranges to the Internal Networks.

Does anyone have any instructions or handy links for step by step configuring of Forefront as a forward web proxy and any other best practice?

I've searched the web and EE and there are numerous resources for everything else related to Forefront but this?

Any tips would be appreciated. Thanks.
0
Comment
Question by:southwestsixteen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Author Comment

by:southwestsixteen
ID: 38777927
UPDATE: I've done what I believe to be the forward proxy config but when I set this server as the proxy in IE I get the attached error when navigating to a website.
ProxyError.PNG
0
 
LVL 23

Accepted Solution

by:
Suliman Abu Kharroub earned 500 total points
ID: 38778193
Make sure that the client which you are testing from can reach tmg server... The attached error mag is not returned from tmg.

By default tmg listen for web clients on port TCP 8080... Male sure that this port is allowed from internal to dmz (or tmg).
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 38779533
If you look at the error message it states that the page cannot be displayed - not that it cannot be reached. It also notes 'bad data' which is normally a red herring to be honest.

This should be a doddle but assumes you have set the server up correctly - not only for TMG but just as a plain windows server in the first instance.

For example, is the routing set up correctly to ensure traffic can get back into the internal network?
What ip address ranges have you added into the TMG gui network config? Port No in the browser?
What firewall policies have you added?
How is DNS being handled - from an external dns service or your internal dns service?

Have you fired up the best practice analyser to check the obvious issues to start with?

if you still have issues I will point you to a walk through link but always best to understand your own mistakes so you learn for the future before just following 'the guide'....
0
 
LVL 3

Author Comment

by:southwestsixteen
ID: 38831978
Thanks for the input guys. The mistake was apparently that IE had the proxy port as 80 but when I changed it to 8080 it worked ok. We're still in the testing phase but it all seems ok.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question