Using TMG 2010 as a proxy for Outlook Anywhere when Exchange Server 2010 is published under TMG 2010


  • I have an Outlook 2007 client in domain X, an Exchange Server 2010 in domain Y, and a TMG 2010 server to be used as a firewall between the Exchange server and the client machine so as to bring up 2-factor authentication for the client user.

    Though X and Y are two different domains, I am still able to make the client load mailbox from the exchange server, which I suppose normally should not happen. I doubt if this is happening because both X and Y are in the same internal network.

    Now I wanted to try Outlook Anywhere. So I added the TMG server name as the proxy under the connect to Exchange server using HTTP. Even if I use the Basic or NTLM authentication option here, I find all the flow from the client to the Exchange server being blocked at the TMG. (Find the TMG server log image at the end.)

    Since I am trying this in the internal network, I have added only Internal as the network for the web listener.

    I have created an Exchange Web Client Access rule that uses the above listener.

    Why does the Default rule block the HTTP and NetBIOS protocols? How do I resolve this? Please help, anyone.

    Wednesday, May 23, 2012 11:11 AM