
How to authenticate the Firewall client in TMG

2025-01-18 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)05/31 Report--

This article explains how Firewall client authentication works in TMG, with an analysis of the behavior and a test setup that demonstrates it.

A Firewall client is also a Web proxy client by default. Why? Because installing the Firewall client automatically configures the browser, which makes the browser a TMG Web proxy client. Firewall clients connect to TMG port 8080 for http/https/ftp access and to TMG port 1745 for all other requests.

Note: If the Firewall client is installed on the client PC, and TMG opens the SMTP and POP3 protocols and requires authentication, then the account name and password of the user logged in to the PC are used for authentication by default. If authentication fails, the Outlook mail client cannot send or receive mail, and no prompt for a user name and password pops up.

The network topology is shown below

Experiment goal: test user bob, who has the Outlook client installed. After SMTP and POP3 are opened on TMG, bob can send and receive NetEase mail, and only bob is allowed through. Then user mark logs in to the PC and uses Outlook. Because mark's account and password do not meet the firewall rule's user requirement, mail cannot be sent or received. Check whether a dialog box asking for a user name and password pops up.

Open SMTP and POP3 on the firewall, allowing only user bob

On the TMG Firewall Policy node, select: New Access Rule

The name of the access rule is arbitrary; I named it as follows

Rule action: Allow

Add protocols: note that the list contains both POP3 and POP3 Server. The POP3 Server direction is inbound, and SMTP Server is also inbound. We want to reach NetEase on the Internet, so we simply choose the POP3 and SMTP protocols

Select POP3 and SMTP directly, as shown below

Access rule source: Internal

Access rule destination: External

Delete all users and create a new user set, "Send and receive mail group"

Add only user bob

This rule applies to the users in "Send and receive mail group", which currently has bob as its only member

Policy created successfully

Configure the Outlook client for domain user bob. NetEase Mail provides instructions for the settings, as shown in the following figure.

Set up the Outlook client. Note that although the Firewall client is installed, a gateway must still be set, otherwise Outlook authentication cannot pass. I sometimes can't figure this out; see link: bbs.51cto.com/thread-967399-1.html

The client passed the test, as shown in the following figure

The client sends a test email to itself

As shown in the figure below, I have received the email I sent myself.

This completes sending and receiving mail with bob logged in.

Now test with user mark logged in to the PC, still using the same mailbox account and password as before. This cannot succeed: as shown in the following figure, it fails directly at the authentication step, and there is no prompt to enter a user name and password. This differs from the Web proxy client, where, as we know, a failed integrated authentication when accessing a web page produces a prompt to enter a user name and password.
