Over the last few weeks I have been building up a new home lab system for production and semi production testing.

The system runs on my new Dell Vostro 430 machine with i780 CPU and 16GB of RAM and hosts Exchange 2010 SP1 and Lync 2010 RC amongst other things.

One of the other things is the Forefront TMG box that publishes various content to the Internet. Until recently I was managing TMG via the console viewer on HyperV, however on Friday last week a colleague helped me setup internal RDP access for remote desktop. Here’s how:

First open up Forefront TMG Management console and in the left hand pane click on Firewall Policy.

In the far right pane, click on Toolbox and drill down into Computer Sets to find Enterprise Remote Management.

image

Double click Enterprise Remote Management to open the set and then use the Add button to ensure that your internal subnet is listed.

image

Next back in the left hand pane right click Firewall Policy and create a new access rule:

image

You should give the rule a meaningful name like TMG RDP Management and then setup the rule to allow RDP (Terminal Services) traffic from the Internal network to the Local Host.

image

At this point save all the new configuration and enjoy being able to manage your TMG box via RDP from your LAN.

Cheers

Nathan

5 Replies to “Enabling RDP management access to Forefront TMG 2010”

  1. FYI: There is a default system rule which enables remote RDP and Forefront Management Console access that you can view by enabling “Show system rules” in the Toolbox in Firewall Policy. I would recommend using this rule instead of crating a custom one. The “Enterprise Remote Management” are by default included in the system rule.

  2. Alternative:
    Go Firewallpolicy, right mouse button, all tasks, edit system policy, go to Terminalserver, tab Remote, edit Remotemanagement the source ip that is allowed to access via rdp to your forefront machine.

Leave a Reply

Your email address will not be published. Required fields are marked *