Installing Forefront TMG services in interactive mode
Updated: February 1, 2011
Applies To: Forefront Threat Management Gateway (TMG)
This topic describes how to install Forefront TMG on your computer in interactive mode. In interactive mode, you monitor the installation process, and enter the required setup information when prompted by the setup process. To run setup in interactive mode, you must be a member of the Administrators group on the local computer.
For instructions on how to install Forefront TMG in unattended mode, see Installing Forefront TMG services in unattended mode.
Installing Forefront TMG in interactive mode
To run an interactive installation
Insert the Forefront TMG DVD into the DVD drive, or run autorun.hta from a shared network drive.
On the main setup page, click Run Windows Update. Windows Update might require one or more computer restarts. If the computer restarts, you must launch the setup page again, as described in step 1 of this procedure.
On the main setup page, click Run Preparation Tool to launch the Preparation Tool. For instructions on running the Preparation Tool, see Preparing for installation.
On the main setup page, click Run Installation wizard to launch the Forefront TMG Installation Wizard.
On the Installation Type page, click the Forefront TMG services and Management button.
On the Installation Path page, specify the Forefront TMG installation path.
On the Define Internal Network page, click Add, click Add Adapter, and then select the adapter which is connected to the main corporate network. See Adding IP addresses to the internal network below.
Note
If you are installing Forefront TMG on a computer with a single network adapter, all IP address ranges should be configured for the Internal network, except for the following:
- 0.0.0.0
- 255.255.255.255
- 127.0.0.0-127.255.255.255 (Local Host)
- 224.0.0.0-254.255.255.255 (multicast)
- 0.0.0.0
On the Ready to Install the Program page, click Install.
Note
The first time you run the Forefront TMG Management console, the Getting Started Wizard starts automatically, enabling you to modify IP address settings for your networks and to configure update settings. For more information, see Configuring initial deployment settings.
Note
After you restart the Forefront TMG computer or services, the following error message might be displayed:
“Forefront TMG detected Windows Filtering Platform filters that may cause policy conflicts on the server. The following providers may define filters that conflict with Forefront TMG firewall policy: Microsoft Corporation.” If this message is displayed, disable the alert from appearing again, since it does not indicate a real conflict.Adding IP addresses to the internal network
On the Addresses page, select any of the following methods to add addresses to the Internal network:
Add Range—To add a range of IP addresses. You must specify the beginning and ending IP address in the range; for example, 10.0.0.1 to 10.0.0.255.
Add Adapter—To select a network adapter. The IP addresses that are included in the Internal network are based on the IP address and subnet mask of the selected adapter.
Add Private—To add IP addresses defined as non-routable IP addresses, based on Request for Comment (RFC) 1918, and on the Automatic Private IP Addressing (APIPA) feature. For more information about private addresses, see RFC1918 (https://rfc.net/rfc1918.html) and How to use automatic TCP/IP addressing without a DHCP server (https://go.microsoft.com/fwlink/?linkid=51291).
The following table shows the permitted IP address ranges, based on RFC 1918 or APIPA.
| IP address range | RFC 1918 or APIPA |
|---|---|
10.0.0.0–10.255.255.255 |
RFC 1918 |
172.16.0.0–172.31.255.255 |
RFC 1918 |
192.168.0.0–192.168.255.255 |
RFC 1918 |
169.254.0.0–169.254.255.255 |
APIPA |
Related Topics
Concepts
Installing Forefront TMG services
Planning to install Forefront TMG