Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Setup ForeFront TMG as a forward proxy

Posted on 2013-01-15
4
Medium Priority
?
1,208 Views
Last Modified: 2013-01-29
Hi,

We have a client that has requested a Forefront TMG 2010 server be installed and configured as a forward web proxy ONLY. They don't want any of the other cool Forefront features.

As per their spec, I've installed the Forefront server in a single adapter setup with it on the DMZ network and added the LAN ranges to the Internal Networks.

Does anyone have any instructions or handy links for step by step configuring of Forefront as a forward web proxy and any other best practice?

I've searched the web and EE and there are numerous resources for everything else related to Forefront but this?

Any tips would be appreciated. Thanks.
0
Comment
Question by:southwestsixteen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Author Comment

by:southwestsixteen
ID: 38777927
UPDATE: I've done what I believe to be the forward proxy config but when I set this server as the proxy in IE I get the attached error when navigating to a website.
ProxyError.PNG
0
 
LVL 23

Accepted Solution

by:
Suliman Abu Kharroub earned 2000 total points
ID: 38778193
Make sure that the client which you are testing from can reach tmg server... The attached error mag is not returned from tmg.

By default tmg listen for web clients on port TCP 8080... Male sure that this port is allowed from internal to dmz (or tmg).
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 38779533
If you look at the error message it states that the page cannot be displayed - not that it cannot be reached. It also notes 'bad data' which is normally a red herring to be honest.

This should be a doddle but assumes you have set the server up correctly - not only for TMG but just as a plain windows server in the first instance.

For example, is the routing set up correctly to ensure traffic can get back into the internal network?
What ip address ranges have you added into the TMG gui network config? Port No in the browser?
What firewall policies have you added?
How is DNS being handled - from an external dns service or your internal dns service?

Have you fired up the best practice analyser to check the obvious issues to start with?

if you still have issues I will point you to a walk through link but always best to understand your own mistakes so you learn for the future before just following 'the guide'....
0
 
LVL 3

Author Comment

by:southwestsixteen
ID: 38831978
Thanks for the input guys. The mistake was apparently that IE had the proxy port as 80 but when I changed it to 8080 it worked ok. We're still in the testing phase but it all seems ok.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question