Sign in
 
HomeProductsLibraryLearnDownloadsSupportForums
Microsoft Forefront TechCenter >
TMG behind NAT IPsec S2S Tunnel

Locked TMG behind NAT IPsec S2S Tunnel

  • Tuesday, July 20, 2010 11:29 AM
     
     
    Sign In to Vote
    0

    Hi,

    I would like to know, if TMG behind NAT-Device supports S2S IPsec Tunnels and what I would have to configure at TMG additionally.

    Thanks in advance

    Best regards
    hkillerm

       

    All Replies

    • Wednesday, July 21, 2010 8:44 AM
       
       Answered
      Sign In to Vote
      0

      Hi!

      It depends on what type of Firewall/NAT-device you have in front of the TMG, in most cases this is possible.
      You need to open and redirect traffic on several ports: UDP 500, 4500, and IP protocol 50.

      There is a good article on how to troubleshoot VPN with ISA, which is also true with TMG.  See the title "An IPsec tunnel cannot be established through a NAT device or router" on this link: http://technet.microsoft.com/en-us/library/bb794765.aspx

      Good luck