When publishing non-Web servers, Forefront TMG uses server publishing rules to map requests to servers in a Forefront TMG network from clients located in other networks. Clients can be external clients located on the Internet or internal clients located on a different internal network.
Note: In some circumstances, you might consider using server publishing rules instead of access rules for Web access; for example, to allow internal clients to access a non-Web server located in a perimeter network.
When you plan non-Web server publishing, consider the following:
- Server publishing can be used to publish most TCP and UDP protocols.
- The published server should be configured as a SecureNAT client with a default gateway pointing to Forefront TMG.
- You cannot authenticate user requests for non-Web servers.
- You can use IP address control to specify who can access published resources.
- Each server publishing rule publishes a single server and protocol.
- Server publishing configures Forefront TMG to listen on a specific port, and to forward requests to the published server. You can configure the following port properties:
  - Publish on a port other than the default port. For example, publish FTP services through port 22 on Forefront TMG; Forefront TMG then redirects requests to the default port 21 on the published server.
  - Specify the port on the published server to which requests should be sent. This can be the default port or an alternative port.
  - Limit the source ports from which client requests can be received.
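
The following Python sketch is an added illustration, not Forefront TMG code or part of the original documentation. It models how the port properties and IP address control listed above combine to decide whether a request is forwarded. The class and function names are hypothetical, and the addresses are constructed values from documentation ranges.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class PublishingRule:
    """Simplified model of one server publishing rule: one server, one protocol."""
    protocol: str            # "tcp" or "udp"
    listen_port: int         # port the firewall listens on
    server_ip: str           # published server (constructed address)
    server_port: int         # port on the published server that receives requests
    allowed_sources: tuple   # CIDR blocks used for IP address control
    source_ports: range = range(1, 65536)  # client source ports that are accepted

    def forward(self, protocol, src_ip, src_port, dst_port):
        """Return (server_ip, server_port) if the request is forwarded, else None."""
        # The rule covers exactly one protocol and one listening port.
        if protocol != self.protocol or dst_port != self.listen_port:
            return None
        # Optional limit on the source ports client requests may come from.
        if src_port not in self.source_ports:
            return None
        # No user authentication is possible for non-Web servers, so the
        # client's IP address is the only identity the rule can check.
        addr = ipaddress.ip_address(src_ip)
        if not any(addr in ipaddress.ip_network(net) for net in self.allowed_sources):
            return None
        # Port redirection: the listening port may differ from the server port.
        return (self.server_ip, self.server_port)


# Constructed sample: FTP published on port 22, redirected to port 21.
FTP_RULE = PublishingRule("tcp", 22, "10.0.0.21", 21,
                          ("203.0.113.0/24",), range(1024, 65536))


def demo():
    """Evaluate constructed requests against the sample rule."""
    return [
        FTP_RULE.forward("tcp", "203.0.113.7", 50000, 22),   # forwarded to port 21
        FTP_RULE.forward("tcp", "198.51.100.9", 50000, 22),  # source IP not allowed
        FTP_RULE.forward("tcp", "203.0.113.7", 20, 22),      # source port outside limit
        FTP_RULE.forward("tcp", "203.0.113.7", 50000, 21),   # port 21 is not published
        FTP_RULE.forward("udp", "203.0.113.7", 50000, 22),   # protocol not covered
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```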