To publish multiple Web sites over HTTPS
-
In the Forefront TMG Management console, in the tree, click the Firewall Policy node.
-
In the Tasks pane, click the Toolbox tab.
-
On the Toolbox tab, click Network Objects, click New, and then select Web Listener to open the New Web Listener Wizard.
-
Complete the New Web Listener Wizard as outlined in the following table.
Page Field or property Setting or action Welcome to the New Web Listener Wizard
Web listener name
Type a name for the Web listener. For example, type:
HTTPS Web Site Listener
Client Connection Security
Select Require SSL secured connections with clients.
Web Listener IP Addresses
Listen for incoming Web requests on these networks
Select the External network. Click Select IP Addresses, and then select Specified IP Addresses on the Forefront TMG computer in the selected network. In the Available IP Addresses list, select the appropriate IP address, click Add, and then click OK.
Authentication Settings
Select how clients will provide credentials to Forefront TMG
For HTTP authentication (the default option), select one or more of the check boxes. In a workgroup deployment, you can select only Basic.
If you want to require clients to provide a certificate, in the drop-down list, select SSL Client Certificate Authentication.
For form-based authentication, in the drop-down list, select HTML Form Authentication.
Collect additional delegation credentials in the form
This check box appears only when HTML Form Authentication is selected.
Select this check box only if you intend to select RADIUS OTP or SecurID.
Select how Forefront TMG will validate client credentials
For HTTP authentication, if you select Basic authentication in a workgroup, you can select LDAP (Active Directory) or RADIUS.
For forms-based authentication, select one of the available options.
Single Sign On Settings
Enable SSO for Web sites published with this listener
Single sign on (SSO) is available only when forms-based authentication is used.
Do not select.
Completing the New Web Listener Wizard
Review the settings, and then click Finish.
-
In the Tasks pane, click the Tasks tab.
-
On the Tasks tab, click Publish Web Sites to open the New Web Publishing Rule Wizard.
-
Complete the New Web Publishing Rule Wizard as outlined in the following table.
Page Field or property Setting or action Welcome to the New Web Publishing Rule Wizard
Web publishing rule name
Type a name for the Web publishing rule. For example, type:
Multiple Web Sites (HTTPS)
Select Rule Action
Action
Select Allow.
Publishing Type
Select Publish multiple Web sites.
Specify Web Sites to Publish
Published sites
For each Web site that you want to publish, click Add, and in Internal site name, type the host name that Forefront TMG will use in HTTP request messages sent to the published server, and then select Forefront TMG will use SSL to connect to the Web site.
Published Web Sites Public Names
Public name suffix
Type the suffix that will be appended to the internal site names specified on the Specify Web Sites to Publish page to create the public names that users will use to access the published Web sites.
Select Web Listener
Web Listener
In the drop-down list, select the Web listener that you created in step 4. You can then click Edit to modify properties of the Web listener that is selected.
Authentication Delegation
Select the method used by Forefront TMG to authenticate to the published Web server
Select No delegation, and client cannot authenticate directly.
User Sets
This rule applies to requests from the following user sets
Do not change the default option, All Authenticated Users.
Completing the New Web Publishing Rule Wizard
Review the settings, and then click Finish.
-
In the details pane, click Apply, and then click OK.
Note: |
---|
|
Related Topics
Copyright © 2009 by Microsoft Corporation. All rights reserved.