After you install Forefront TMG 2010, other computers cannot ping the computer hosting Forefront because the default firewall policy denies all traffic to and from the host.
This section provides the information you need for:
You can create a custom Forefront firewall policy.
Prerequisites:
Install Forefront TMG 2010 using documentation from your vendor.
To create a custom policy to override the default firewall policy
To protect the resource, you must create a firewall policy rule using the Forefront TMG console.
When you create a listener for Authentication Preferences, be sure to check Allow client authentication over HTTP and Require All users to authenticate. Otherwise, you will not be able to access the published Web site using the TMG proxy.
Authentication Delegation is used by the TMG server to authenticate to the published Web server.
Note:
You can have IIS and Forefront TMG installed on the same (or a different) computer. Here, both reside on the same host.
To create a custom policy to override the default firewall policy