Export (0) Print
Expand All

Configuring Firewall clients for automatic detection

For ease of deployment, when you configure Firewall client support on a Microsoft Forefront Threat Management Gateway network, you can configure the network properties to enable Web browsers on Firewall client computers in the network to use automatic discovery, either by using WPAD or a static configuration script.

These settings are applied when Firewall Client software is installed on client computers. If you later make changes to Firewall client configuration settings on the Forefront TMG computer, Forefront TMG automatically updates configuration settings as follows:

  • Each time Firewall Client is restarted.
  • Each time Detect Now or Test Server is clicked on the Settings tab in the Microsoft Firewall Client management console on the client computer.
  • Every six hours after the previous refresh.

Settings are applied to all users on the Firewall client computer.

  1. In console tree of Forefront TMG Management, click Networking.
  2. In the details pane, click the Networks tab, and then select the applicable network (usually Internal).
  3. On the Tasks tab, click Edit Selected Network.
  4. Ensure that Enable Firewall client support is selected on the Firewall Client tab, and on the Auto Discovery tab, select Automatically detect settings.

  1. In the console tree of Forefront TMG Management, click Networking.
  2. In the details pane, click the Networks tab, and then select the applicable network (usually Internal).
  3. On the Tasks tab, click Edit Selected Network.
  4. Ensure that Enable Firewall client support is selected on the Firewall Client tab, and on the Auto Discovery tab, select Use automatic configuration script.
  5. Select one of the following:
    • Use default URL. Forefront TMG provides a default configuration script at the location http://FQDN:8080/array.dll?Get.Routing.Script, where the FQDN is that of the Forefront TMG computer. This script contains the settings specified on the Web Browser tab of the network properties.
    • Use custom URL. As an alternative to the default script, you can construct your own Proxy Auto-Configuration (PAC) file and place it on a Web server. When the client Web browser looks for the script at the specified URL, the Web server receives the request and returns the custom script to the client.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft