I have TMG 2010 behind a NAT device to publish my DirectAccess 2012. I have published the DA server and opened the built-in system policy regarding DirectAccess on TMG. I also enabled the VPN on the DirectAccess server.
When I try the VPN connection from outside the organization, it fails. I monitor the incoming requests to my DA server on TMG, and I can see there are no denied incoming requests; there are only 2 types of traffic, Initiated and Closed.
The Initiated one seems OK, but the Closed Connection one mentions that the connection was abortively closed after one of the peers sent an RST packet.
Previously I had a testing environment with exactly the same publishing rule entry on TMG, and it worked perfectly. The only difference between my testing environment and the current one is that the current TMG is behind the NAT device.
Has anyone experienced this? Please advise.
PS: I tested the VPN using a Windows 7 client; the VPN connection error code on the client was 800 (The remote connection was not made because the attempted VPN tunnels failed).
- Edited by casper000 Wednesday, June 26, 2013 9:45 AM
I worked on such a scenario a few weeks ago: publishing DirectAccess with a TMG appliance.
The only tricky thing is that IPHTTPS cannot be handled by the standard Web publishing rule. There is no change on DA (unless you want to publish multiple DA on the same public address).
BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx
I can see incoming requests to my DA server in TMG Log & Report, but I cannot be sure the traffic goes to the DA server itself, because, just as I said from the beginning, the connection was abortively closed due to the received packet...
- Edited by casper000 Tuesday, July 09, 2013 10:04 AM