1. | Log on to the Forefront TMG Server.
|
2. | Click Start, All Programs, Microsoft Forefront TMG, and Forefront TMG Management.
|
3. | In the left pane, expand the name of the TMG Server.
|
4. | Right-click Firewall Policy, click New, and click Web Site Publishing Rule, as shown in Figure 10.
|
5. | On
the Welcome to the New Web Publishing Rule page, enter a name for the
publishing rule that will be easy to reference in the future. Click Next.
|
6. | On the Select Rule Action page, choose Allow. Click Next.
|
7. | On the Publishing Type page, select Publish a single Web site or load balancer and click Next.
|
8. | On the Server Connection Security page, choose Use SSL to connect to the published Web server or server farm. Click Next.
|
9. | On
the internal Publishing Details page, enter the FQDN of the internal
web farm where meeting content and the Address Book are hosted in the
internal Site name box.
Note
The ISA Server must be able to resolve the FQDN
entered in step 9. If the ISA Server will not be able to reach a DNS
server that can resolve the FQDN, select Use a computer name or IP address to connect to the published server and then enter the IP address in the Computer name or IP address box, as shown in Figure 11.
|
10. | On the internal Publishing Details page, enter /* as the path of the published folder. Click Next.
|
11. | On the Publish Name Details page, verify that This domain name is selected under Accept Requests for. Type the FQDN of the external web farm into the Public Name box. Click Next.
|
12. | On the Select Web Listener page, click New.
|
13. | On the Welcome to the New Web Listener Wizard page, enter a name for the new web listener in the Web listener name box. Click Next.
|
14. | On the Client Connection Security page, choose Require SSL secured connections with clients. Click Next.
|
15. | On the Web Listener IP address page, select external, and click Select IP Addresses.
|
16. | On the external Listener IP selection page, select Specified IP address on the TMG Server computer in the selected network, select an IP address, and click Add. Click Next.
|
17. | On the Listener SSL Certificates page, click Assign a certificate for each IP address, and select the IP address that was added in step 16. Click Select Certificate.
|
18. | On the Select Certificate page, select the certificate matching the public name selected in step 11, as shown in Figure 12 and click Select. Click Next.
|
19. | On the Authentication Settings page, select No Authentication. Click Next.
|
20. | On the Single Sign On Settings page, click Next.
|
21. | On the Complete the New Web Listener Wizard page, click Finish.
|
22. | Returning to the Select Web Listener page, select the listener that was just created and click Next.
|
23. | On the Authentication Delegation page, select No delegation but the client may authenticate directly. Click Next.
|
24. | On the User Sets page, click Next.
|
25. | On the Completing the New Web Publishing Rule Wizard page, verify the rule settings and click Finish.
|
26. | Click Apply to save the changes, as shown in Figure 13 and update the configuration.
 |
