Enabling a network to receive firewall client requests

  • Article

This topic describes how to configure Firewall client support on a particular Microsoft Forefront Threat Management Gateway internal or perimeter network. You can set the following properties for Firewall clients:

  • Enable Firewall clients. Enable the network accept requests from Firewall client on TCP port 1745.
  • Configure Web browser settings for Firewall clients on the network.
  • Create a Local Domain Table (LDT) to specify domains that Firewall clients on the network should access directly.

To enable Firewall client support

  1. In the Forefront TMG Management console, click Networking.
  2. On the details pane, click the Networks tab.
  3. Right-click the required network, and then click Properties.
  4. On the Firewall Clients tab, do the following:
    1. To enable the network to listen for Firewall client requests, select Enable Firewall client support for this network.
    2. In Name, specify the fully qualified domain name (FQDN) of the Forefront TMG server to which Firewall clients should make requests. Ensure that there is a DNS entry available for clients to resolve the name. Otherwise, specify an IP address.

To configure Firewall client browser settings

  1. In the Forefront TMG Management console, click Networking.
  2. On the details pane, click the Networks tab.
  3. Right-click the required network, and then click Properties.
  4. On the Firewall Clients tab, select the following:
    1. Select Automatically detect settings to enable clients to use a WPAD entry obtained from a DHCP or DNS server to automatically discover a WPAD server on which the Wspad.dat configuration file is located.
    2. Select Use automatic configuration script to specify that Firewall client Web browsers should obtain settings from a configuration file. The default Forefront TMG configuration file holds information about the proxy server to be used for Web requests and about the settings specified on the Web Browser tab and Domain tab of the network properties. You can also create a custom proxy automatic configuration file. This method can be used together with WPAD. If WPAD fails, the configuration script location is used.
    3. Select Use a Web proxy server to specify a static Web proxy that clients should use for Web requests.