![]() This TMG is not being used for outbound Internet access for any other purposes or clients, and I need to enable ONLY outbound access from the perimeter network for Windows Update. I have two DNS servers configured on the Local Network leg only, and they are able to resolve all of these Microsoft update sites successfully. I created a new Domain Name Set rule, using different web sites, and duplicated this behavior using Internet Explorer - http works, https does not. If I change the To: part of the rule to External network, traffic is allowed to all web sites, including HTTPS. The logs indicate that HTTP connections to the Microsoft update sites are being allowed, but HTTPS connection are being denied and thus Windows Updates are failing. To: Microsoft Update Sites (Domain Name Set) I need servers on my perimeter network to update themselves directly via the Internet. We have a 3 leg perimeter network configured with Forefront TMG 2010.
0 Comments
Leave a Reply. |