About single network adapter topology

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

This topic describes the single network adapter topology, as follows:

  • Functionality of a single network adapter topology

  • Limitations of a single network adapter topology

Functionality of a single network adapter topology

The single network adapter topology enables limited Forefront TMG functionality, that includes:

  • Forward (CERN) proxy for HTTP, HTTPS, and CERN proxy FTP (download only).

  • Web caching for HTTP and CERN proxy FTP.

  • The following Web publishing scenarios:

    • Web publishing.

    • HTTP-based communications, such as Microsoft Office SharePoint Server, Exchange Outlook Web Access 2007, ActiveSync®, and remote procedure call (RPC) over HTTP (Outlook Anywhere, Terminal Services Gateway or WSMAN-based traffic).

  • Dial-in client virtual private network (VPN) access.

Limitations of a single network adapter topology

The following limitations apply when you use the single network adapter topology:

  • Server publishing and site-to-site VPN are not supported.

  • SecureNAT and Forefront TMG Client traffic are not supported.

  • Access rules must be configured with source addresses that use only internal IP addresses.

  • Firewall policies must not refer to the external network.

Concepts

Planning Forefront TMG network topology