Monday, April 23, 2012

[Ports used] How to protect TMG with DPM : Part 1


Following my article on the Microsoft MVP Award Program Blog, here is the "full" version of it.

1/ Introduction
When we try to protect a Forefront TMG (or UAG) server with Microsoft System Center Data Protection Manager (DPM) 2010, we naturally allow the required ports officially listed in this article: http://technet.microsoft.com/en-us/library/ff399341.aspx. But we get the following error when we try to attach the agent deployed on the TMG server (http://technet.microsoft.com/en-us/library/bb870935.aspx) to the DPM 2010 server:

This error means that some required ports are missing in Forefront TMG, as confirmed by the entry in the event log on the DPM server:

Indeed, when we run some tests, we observe that the DPM server cannot properly reach the TMG server on the required protocols.


First of all, a ping to the TMG / UAG server fails:

Access to the administrative file share fails too:

The RPC call does not get through either:

And finally the WMI call fails:

Next, we will see the different objects to create so that DPM protection works while keeping the exposed surface area on our TMG firewall to a minimum.
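
The four reachability tests described above (ping, administrative share, RPC, WMI) can be rerun from the DPM server as a single script, before and after changing the TMG policy. This is an added example, not code from the original article; the host name `tmg01.contoso.local`, the `admin$` share, the TCP 135 probe, and the helper `Test-TcpPort` are assumptions chosen for illustration.

```powershell
# Added example: run from the DPM server, in an account with admin rights on the target.
param(
    [string]$Target    = 'tmg01.contoso.local',  # hypothetical TMG/UAG host name
    [int]   $TimeoutMs = 3000
)

# Hypothetical helper: TCP connect with a timeout (works on PowerShell 2.0,
# which has no Test-NetConnection).
function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

$checks = @()

# 1. ICMP echo (the ping test)
$ok = Test-Connection -ComputerName $Target -Count 2 -Quiet
$checks += New-Object PSObject -Property @{ Check = 'ICMP echo'; Passed = $ok }

# 2. Administrative share over SMB (admin$ is assumed; c$ behaves the same way)
$ok = Test-Path -Path ('\\{0}\admin$' -f $Target) -ErrorAction SilentlyContinue
$checks += New-Object PSObject -Property @{ Check = 'Admin share'; Passed = $ok }

# 3. RPC endpoint mapper. A pass here only proves TCP 135 is open, not that
#    the dynamically assigned RPC ports behind it are allowed.
$ok = Test-TcpPort -ComputerName $Target -Port 135 -TimeoutMs $TimeoutMs
$checks += New-Object PSObject -Property @{ Check = 'RPC endpoint mapper (TCP 135)'; Passed = $ok }

# 4. WMI query. Remote WMI rides on DCOM/RPC, so this also exercises the
#    dynamic ports that check 3 cannot see.
try {
    Get-WmiObject -Class Win32_OperatingSystem -ComputerName $Target -ErrorAction Stop | Out-Null
    $ok = $true
} catch { $ok = $false }
$checks += New-Object PSObject -Property @{ Check = 'WMI (DCOM)'; Passed = $ok }

$checks | Select-Object Check, Passed | Format-Table -AutoSize
if ($checks | Where-Object { -not $_.Passed }) { exit 1 }
```

A result where check 3 passes and check 4 fails points at the dynamic RPC port range rather than the endpoint mapper.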
