Hi there,
I have a problem with my TMG and publishing SSH for Internal and External users to an internal Server.
Network:
Internal Network
SSH Server, 10.10.10.25
Internal DNS record "ssh.domain.com" pointing to 10.10.10.254
TMG Server, 10.10.10.254/192.168.0.254
External Network
External DNS record "ssh.domain.com" pointing to 192.168.0.254
I want my users (internal AND external) using their SSH client to connect to ssh.domain.com and TMG to forward the request to the SSH server. Note that internal clients and the SSH server are in the same network.
I have created a custom "SSH Server" protocol with inbound TCP for port 22 and created a Non-Web Server publishing rule.
Traffic Tab: SSH Server Protocol
From Tab: Internal, External
To Tab: 10.10.10.25, original client
Networks Tab: Internal, External
External users can connect without a problem, all fine here. Internal users get a timeout. The TMG log says: Denied Connection (Default Rule,The policy rules do not allow the user request) and doesn't recognize that this is an inbound request. The log gives me dest IP 10.10.10.254 and protocol SSH, and not 10.10.10.25 and SSH Server.
I read a lot about networking rules and NAT/Routing and tried a bit, but never had any success.
Can you help me fix or work around this, and tell me what's going on there and if there are limitations in TMG I don't know about yet?
Regards,
Sascha