• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Front End server can't join domain through TMG 2010

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Threat Management Gateway (TMG) 2010] >> Installation >> Front End server can't join domain through TMG 2010 Page: [1]
Login
Message << Older Topic   Newer Topic >>
Front End server can't join domain through TMG 2010 - 7.Jun.2011 9:47:29 PM   
careyd

 

Posts: 3
Joined: 7.Jun.2011
Status: offline
FE server in the DMZ on a Tri-Homed setup.
DMZ network settings: IP 172.16.1.1| Mask: 255.255.255.0| Gateway "blank"|DNS 192.168.1.4
Internal Network: IP: 192.168.1.23| Mask 255.255.255.0|Gateway "blank"| DNS 192.168.1.4
FE server IP: 172.168.1.25|Mask -same as above| Gateway 172.168.1.1|DNS 192.168.1.4

ISA settings: DMZ to Internal - Route Network.
Firewall settings configured per Tom's description for ISA 2004 setup (closest I could find) link here> www.isaserver.org/articles/2004dmzfebe.htm

I can ping the DNS server which is a domain controller. What else might I be missing or can test/check to see what is going on?

Thank you!
Post #: 1
RE: Front End server can't join domain through TMG 2010 - 7.Jun.2011 10:21:59 PM   
stevenrix

 

Posts: 101
Joined: 16.Feb.2011
Status: offline
Open port 53 for DNS
Port 67 and 68 for DHCP
Port 88 for Kerberos
Port LDAP 386 and 637 for SSL.

(in reply to careyd)
Post #: 2
RE: Front End server can't join domain through TMG 2010 - 7.Jun.2011 10:23:06 PM   
stevenrix

 

Posts: 101
Joined: 16.Feb.2011
Status: offline
Additionally you can looking in the log when you join the computer to the domain to see what ports are denied. (depending of your configuration).

(in reply to careyd)
Post #: 3
RE: Front End server can't join domain through TMG 2010 - 7.Jun.2011 11:09:02 PM   
careyd

 

Posts: 3
Joined: 7.Jun.2011
Status: offline
I have all of them except 637 and 386 which I added. No change. What log do you refer to? The server's logs or TMG's logs?

(in reply to stevenrix)
Post #: 4
RE: Front End server can't join domain through TMG 2010 - 12.Jul.2011 2:49:08 PM   
renatomarson

 

Posts: 17
Joined: 12.Jul.2011
Status: offline
You can use the Tool PortQueryUI to verify if there is any port being filtered:
http://www.microsoft.com/download/en/details.aspx?id=24009

(in reply to careyd)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Threat Management Gateway (TMG) 2010] >> Installation >> Front End server can't join domain through TMG 2010 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts