Hello!
My TMG's weblistener seems to ignore traffic from the external network without logging it.
I have a simple configuration to publish a SharePoint Foundation site as an extranet (as described in Microsoft help and here http://sharepoint.microsoft.com/blog/Pages/BlogPost.aspx?PageType=4&ListId={72C1C85B-1D2D-4A4A-90DE-CA74A7808184}&pID=804)
Basically, I want my extranet on https://extranet.domain.com through TMG in the middle (with NTLM authentication, bridging from SSL port 443 on TMG to an internal site on HTTP 8852). SharePoint itself works fine.
I have an external domain name registered, which points to TMG's weblistener.
TMG has one external NIC with two IPs and two listeners:
- IP1 for direct access (which works fine, and accepts traffic from the external network)
- IP2 for the extranet, which is configured OK (I think), but fails to accept traffic from the outside world.
Important points:
- When I test the rule from inside the office network, traffic goes from the internal network to the external NIC's IP2 as expected (all served by this same TMG), connects to https://extranet.domain.com through TMG, and everything looks as if I were working with the extranet from the internet.
TMG log shows that I connect to external nic's IP2 (extranet's weblistener).
Problem: when I test the connection from home or from mobile internet, i.e. actually from outside of my office network, nothing happens! The TMG logs show nothing, as if no traffic comes to the weblistener.
To exclude problems with DNS, I configured the weblistener to listen both on the FQDN and on the IP and tested it by typing https://0.0.0.0.x.x. (my IP). Same behaviour.
I spent 2 days trying to figure it out and searching the internet, and have finally run out of ideas.
Please, help me.
P.S. Forefront TMG runs on Windows Server 2008 R2, as a virtual machine on Hyper-V.