Installing and Configuring Microsoft Forefront TMG 2010

As the fourth installment in the Installing Exchange: 2010 series, Microsoft’s Forefront Threat Management Gateway is the routing component in our relatively simple setup. Last week’s entry was Whole Brain DNS where we separated the DNS records of internal machines and external machines.

Microsoft’s Forefront Threat Management Gateway is a firewall tool that is highly configurable and even acts as an intelligent router of sorts. Forefront TMG is meant to be installed on the Edge machine and not the hub as Forefront will work with the Edge Transport Server to deliver mail for Exchange. You can download Forefront TMG here. Let’s dig in!

  1. Open the Microsoft Forefront Threat Management Gateway installer
  2. In the installer window click Next
  3. Leave the default installation location and click Next
  4. In the main installer window, click Run Windows Update

  5. Install all updates until Windows Update says there are no more updates, rebooting when necessary
  6. Navigate to C:\Threat Management Gateway using Windows Explorer
  7. Run the autorun HTML file
  8. In the main installer window click Run Preparation Tool

    1. In the Forefront TMG Preparation Tool window click Next
    2. Click the I accept the terms of the License Agreements and click Next
    3. Click Next
    4. When the preparation completes, click Finish
  9. In the Forefront TMG Enterprise Installation Wizard window click Next
  10. Click the I accept the terms in the license agreement radio button and click Next
  11. Enter the name of the initial user, the organization, enter the product key and click Next
  12. Click Next
  13. On the Define Internal Network click Add…

    1. In the Addresses window click Add Adapter…

    2. Check the checkbox beside the internal edge NIC and click OK
    3. Click OK
  14. Click Next in the installation wizard window
  15. Click Next
  16. Click Install
  17. Once the installation is finished, click Finish

While this is just the installation, there’s still a lot more configuration to do before we can connect to the internet with machines on the inside of our network. Check back later this week when we tackle the Getting Started Wizard.

Image Credit: ZDNet


My blog is hosted on Digital Ocean. If you want to sign up for Digital Ocean’s VPS services I’d like to ask you to graciously use this referral link: https://m.do.co/c/fa082b6466bf . You’ll get $10 in free credit and once you’ve spent $25 of your own money, I’ll receive $25 myself, meaning that you’ll be indirectly supporting my blog.

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.