share point TMG reverse proxy RRS feed

  • Question

  • Hi All we currnetly have TMG installed in our DMZ with one nic (reverse proxy) i would like to publish sharepoint externally so that users can access it from anywhere. Now i have previously used a method which was explained from this site for OWA and a single nic on ISA2004 http://www.isaserver.org/articles/2004unihomedowapart1.html This works great with our ISA 2004 and OWA forms based authentication. can this same approach be used for TMG and Sharepoint, or is there another method? if so could someone point me in the right direction. some background current setup TMG single nic this box sits in our DMZ this is a new box which has no other services going through it. exsiting ISA 2004 single nic setup siting in our DMZ using the http://www.isaserver.org/articles/2004unihomedowapart1.html thanks
    Monday, March 22, 2010 3:01 PM


  • One important thing to remember with ISA/TMG web publishing is there is usually no "one size fits all" article or guide.  Most guides you find  can be very help but often provide step by step instructions for very specific scenarios.  Many of the configuration steps are dependent on your particular security requirements.

    In the article you reference, most of the information discusses configuring the OWA sever itself...configuring the cert and exporting it to the ISA server.  Also, this article specifically discusses an SSL to SSL bridging scenario.  Is this a requirement for you...or would an SSL to HTTP bridging scenario suffice?  Also, you then need to decide about Certificate authorities.  Will you require a Public Certificate Authority, so the external clients are not nagged about Trusting a certificate, etc....

    This article also discusses the use of a HOSTS file entry, which is not required for TMG.  Strickly from a TMG perspective, first make sure the Internal Network object contains all IP ranges.  Next, use the wizard to create the Sharepoint publish rule.  Many of the answers should be clear.  Also, the following article may help get you started:



    Richard Barker (MSFT)

    Tuesday, March 23, 2010 9:08 PM