Answered VPN Client Understanding

  • Saturday, July 28, 2012 11:07 PM
     
     

    Hello

    I'm new to TMG and UAG products, and firewalls, VPNs, in general.  What I'm trying to accomplish is this.  I've set up a TMG system with two NICs, one to the external network (internet) and one to the internal network (home LAN).

    I've walked through the VPN client access Wizard, and specified all the appropriate criteria, saved all the changes, added all the users and groups etc.

    Now I've installed the TMG client on a laptop that will be remote, BUT NOT CONNECTED to the DOMAIN; it is just a standalone laptop with the TMG client on it, running Windows 7.  The TMG server IP address is added to the client, but when it tries to connect it fails.

    How do I troubleshoot this, and should the TMG client prompt me for credentials to log in once it finds the TMG server?

    Thanks for the help,

    john


    John Wildes | Hitachi Data Systems | Director - Microsoft Technologies | Converged Platforms

All Replies

  • Sunday, July 29, 2012 8:53 AM
     
     

    Hi,

    Using the TMG client has some pros and cons:
    First, the client which runs the TMG client must be a domain member of the same or a trusted domain as the TMG Server, or you have to use mirrored accounts on the client and the TMG client to get the TMG client working:
    http://technet.microsoft.com/en-us/library/bb794762.aspx
    And in addition, the TMG client does not work when you are not connected to the internal network.


    regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.nt-faq.de

  • Wednesday, August 01, 2012 2:15 AM
    Moderator
     
     Answered

    Hi,

    Thank you for the post.

    As per this article: http://technet.microsoft.com/en-us/library/dd897009.aspx,

    Using the Forefront TMG Client on a computer connected to ISA Server via Virtual Private Network (VPN) may lead to connectivity problems. Specifically, the client will not be able to establish IPsec connectivity with computers on the internal network. To solve this problem, do one of the following:

    • Disable Firewall Client for ISA Server on client computers.
    • Connect the client to an alternative ISA Server computer that is not acting as the VPN gateway for remote client connections.

    Regards,


    Nick Gu - MSFT