Created Remote Site but unable to authenticate remote site users to internal sharepoint or owa site.

  • Question

  • Our main location currently has EBS 2008, which comes included with Forefront TMG MBE, and at the remote site we installed Forefront TMG 2010.
    It seemed that we installed everything correctly; we are able to ping back and forth between the main office and the remote site. Also, Exchange is able to connect on the remote site as well.

    But for some reason we are not able to connect to our internal SharePoint or OWA site at our remote location.
    At our main location we type into the web address bar http://internalcompany/webiste and it works perfectly. It authenticates the user and logs in automatically.
    Also, when we go to our OWA site address it also authenticates and logs in normally.
    I'm pretty sure we are missing a firewall setting or something to allow access.
    Any suggestions?

    Friday, September 3, 2010 6:53 AM

All replies

  • DNS has to be configured so that the same FQDN resolves to the correct Internal IP# of the Site(s) no matter which site the Users are coming from.  The FQDN used must match the Certificate when it is SSL.
     
    So users on the Main Lan resolve the FQDN to the direct private LAN IP# of the resource and go directly to the resource
    Users on the Remote LAN also resolve the FQDN to the direct private LAN IP# of the resource and go directly to the resource over the VPN Tunnel.
     
    The same correct DNS configuration will also assure authentication works properly.

    --
    Phillip Windell
     
    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    Friday, September 3, 2010 2:39 PM
  • We currently have a RODC in the remote site location.  This setup was working before with our SonicWall firewall but with a different gateway to our main location.  But we replaced it with the Forefront TMG.  The funny thing is that this setup works perfectly when we do a PPTP VPN connection, but as soon as we do the L2TP then our issue begins.
    Friday, September 3, 2010 4:21 PM
  • Eddie,

    At the remote site, are you trying to access these sites using the single name and not FQDN?

    What kind of traffic are you seeing on TMG 2010 (remote site) when the client tries to access either of those sites? Is the traffic making it to Forefront? You can see this in the Live Logging.

    If the traffic is making it to TMG, does TMG then attempt to make the site-to-site connection? You should be able to see this in RRAS.

    The title of the problem seems to indicate an authentication problem but this seems to be more of a connection, RRAS, DNS, routing issue. Do you agree?

    Thursday, September 9, 2010 2:54 PM
    Answerer
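
A check for the points raised in the replies above (the same FQDN resolving to the same private address from both sites, the name matching the SSL certificate, and single-label name versus FQDN), added here as an example and not part of any post in the thread. The host names, addresses and site labels are constructed; the per-site answers are assumed to be collected by running a lookup such as nslookup on a client at each site.

```python
import ipaddress

# RFC 1918 private ranges: what "direct private LAN IP" means in this check.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def cert_matches(fqdn, cert_names):
    """True if fqdn equals a certificate name or matches a one-label wildcard."""
    host = fqdn.lower().rstrip(".")
    for name in (n.lower() for n in cert_names):
        if name == host:
            return True
        # "*.corp.example" covers "portal.corp.example", not "a.b.corp.example".
        if name.startswith("*.") and "." in host and host.split(".", 1)[1] == name[2:]:
            return True
    return False

def check_name(name, answers_by_site, cert_names=None):
    """Return a list of findings for one name as resolved at each site."""
    findings = []
    if "." not in name.rstrip("."):
        findings.append("single-label name: depends on each site's DNS suffix search list")
    sets = {site: frozenset(ips) for site, ips in answers_by_site.items()}
    for site, ips in sets.items():
        if not ips:
            findings.append(f"{site}: name does not resolve")
        for ip in sorted(ips):
            addr = ipaddress.ip_address(ip)
            if not any(addr in net for net in RFC1918):
                findings.append(f"{site}: {ip} is not a private LAN address")
    if len(set(sets.values())) > 1:
        findings.append("sites resolve the name to different addresses")
    if cert_names is not None and not cert_matches(name, cert_names):
        findings.append("name is not covered by the SSL certificate")
    return findings

# Constructed sample: the remote site gets a different, non-private answer.
SAMPLE_ANSWERS = {"main": ["10.0.0.20"], "remote": ["203.0.113.10"]}
SAMPLE_CERT_NAMES = ["*.corp.example"]

if __name__ == "__main__":
    for finding in check_name("portal.corp.example", SAMPLE_ANSWERS, SAMPLE_CERT_NAMES):
        print(finding)
```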