Internet Related/Filtering/Firewall Thread, Microsoft Threat Management Gateway 2010 - Wifi Managing in Technical; We currently have TMG in place and working well, however we are looking at making more use of TMG's features. ...
10th October 2011, 07:04 PM #1
- Rep Power
Microsoft Threat Management Gateway 2010 - Wifi Managing
We currently have TMG in place and working well, however we are looking at making more use of TMG's features. We are implementing a new wireless system that i want to be open but secure, to get this we are hoping TMG can step in and work well.
These are laptops that are not school owned and must not be any configuration change so the user just clicks connect to network, once connected any laptop that are in this group will go through the TMG to access the internet and require the user to login. We have selected captivate as a possible solution for this as you can utilise a listener to capture login info.
These laptops are school owned laptops that have to be usable at the users home address (E.G no proxy server stated), and can connect to all the school services without any login information as it should all be in the laptop as part of its login process. Theese laptops are connected to a domain.
The above is what I am trying to achieve and so far I have managed to get un-trusted laptops to work perfectly, however when it comes down to the Trusted laptops it’s a different outcome. When i read up on TMG it has a client that you can use, even though when I install it the laptops are still not passing on login information.
My Network config is very simple in terms of the clients, the wireless is on its own VLAN and the TMG is plugged into this VLAN via a dedicated NIC with an IP address of 172.16.80.254. The DHCP server hands out the IP addresses and the default gateway is the TMG (172.16.80.254).
The most annoying part is it doesn’t ask for login information, it just fails!!
Can anyone shed any light on this?
10th October 2011, 07:35 PM #2
How are clients configured i.e. the trusted laptops? they should be able to just use the wpad info to configured the proxy file automatically. This is done by setting up the wpad on the dns server and then allowing the TMG clients to pick it up. You may need to create rules on tmg to allow appropriate traffic i.e. allow access from internet to external.
Need a bit more info on what type of client the trusted laptops are i.e. secureNAT, webproxy or firewall client
11th October 2011, 09:31 AM #3
- Rep Power
The trusted laptops are firewall clients, wpad only works for IE? i was hoping the trusted laptops to have access to everything only if authenticated.
11th October 2011, 09:50 AM #4
If they are joined to the domain, then you can create the rules in TMG (if tmg 2010 is joined to the domain as well) to allow users access to the internet. The rules are based on network objects, computer accounts, subnets etc.
By jamesfed in forum Internet Related/Filtering/Firewall
Last Post: 20th June 2011, 02:55 PM
By leco in forum How do you do....it?
Last Post: 3rd May 2010, 07:45 PM
By FN-GM in forum Internet Related/Filtering/Firewall
Last Post: 4th March 2010, 08:55 AM
By jam3s in forum Wireless Networks
Last Post: 28th July 2009, 05:55 PM
By rst101 in forum Wireless Networks
Last Post: 13th October 2008, 09:26 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)