Since setting up my Microsoft Threat Management Gateway, I’ve come to realize how restrictive it is… The default installation sets up both an inbound and an outbound firewall. This can be rather frustrating if you don’t know how to configure things correctly.
In this post I’ll show you how to configure an Access Rule to allow the AT&T Global Network Client through to wherever you’re going…
1. Open up your Forefront TMG Management console and find the “Firewall Policy” link in the left-hand tree.
2. Under the Tasks tab on the right side, find “Create Access Rule” and left-click it.
3. Name the rule: AT&T Global Network Client, and hit Next.
4. We’ll want to “Allow” it…
5. This rule applies to “Selected protocols”; click the “Add” button.
6. In the “Add Protocols” window, click New -> Protocol.
7. Name it “AT&T Network Client”, then add the following ports to the list:
a. TCP, Outbound, From 50 To 50
b. TCP, Outbound, From 389 To 389
c. UDP, Send, From 500 To 500
d. TCP, Outbound, From 709 To 709
e. UDP, Send, From 4500 To 4500
f. TCP, Outbound, From 5080 To 5080
8. Our rule now needs to specify the “From” network as Internal and the “To” network as External.
Finish and apply the changes… This should allow your VPN client to connect and work properly.
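To confirm the rule actually matches once applied, here is an added Python check (my own, not part of the original post) that reads firewall-log entries and reports, for each of the six ports above, whether the traffic was allowed by the rule, denied (and by which rule), or never seen at all. The log text is constructed and uses a simplified subset of the TMG W3C firewall-log columns; the column names and action strings are assumptions for illustration.

```python
"""Audit TMG firewall-log entries against the AT&T Global Network Client rule."""
import csv
from io import StringIO

# (protocol, destination port) pairs from the custom protocol definition above.
EXPECTED_PORTS = {
    ("TCP", 50), ("TCP", 389), ("UDP", 500),
    ("TCP", 709), ("UDP", 4500), ("TCP", 5080),
}
RULE_NAME = "AT&T Global Network Client"

# Constructed sample log: a simplified subset of TMG's W3C firewall-log fields.
# The column names and action strings are assumptions; a real log has many more columns.
SAMPLE_LOG = """\
client-ip\tdest-ip\tdest-port\tprotocol\taction\trule
192.168.1.20\t203.0.113.10\t500\tUDP\tInitiated Connection\tAT&T Global Network Client
192.168.1.20\t203.0.113.10\t4500\tUDP\tInitiated Connection\tAT&T Global Network Client
192.168.1.20\t203.0.113.10\t389\tTCP\tEstablished\tAT&T Global Network Client
192.168.1.20\t203.0.113.10\t709\tTCP\tDenied Connection\tDefault rule
192.168.1.20\t203.0.113.10\t5080\tTCP\tEstablished\tAT&T Global Network Client
"""


def parse_log(text):
    """Parse tab-separated log text (header row first) into a list of dicts."""
    return list(csv.DictReader(StringIO(text), delimiter="\t"))


def audit(entries):
    """Classify each expected (protocol, port) as allowed by our rule, denied, or missing.

    A port denied by 'Default rule' means no allow rule matched it, which is the
    usual symptom of a protocol definition that was saved with the wrong port or direction.
    """
    allowed = set()
    denied = {}  # (protocol, port) -> name of the rule that denied it
    for e in entries:
        key = (e["protocol"].upper(), int(e["dest-port"]))
        if e["action"].startswith("Denied"):
            denied[key] = e["rule"]
        elif e["rule"] == RULE_NAME:
            allowed.add(key)
    missing = EXPECTED_PORTS - allowed - set(denied)
    return {"allowed": allowed, "denied": denied, "missing": missing}


if __name__ == "__main__":
    for status, ports in audit(parse_log(SAMPLE_LOG)).items():
        print(status, sorted(ports))
```

In the constructed sample, TCP 709 was denied by the default rule and TCP 50 never appeared, so those two are where to look first. Keep in mind that IPsec ESP is IP protocol 50, not TCP port 50, so a client that falls back from NAT-T on UDP 4500 to raw ESP will show up in the log with protocol “ESP” rather than under any TCP entry.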