Firewall – Allow URL:Port in Forefront TMG

firewall, microsoft-ftmg-2010, proxy, tmg

I have Forefront TMG 2010 installed as a Proxy server to limit internet access to users. I usually have the following issues:

1- I can't configure Email clients (Outlook) with URLs of POP/IMAP and SMTP and I have to locate the respective IP to make it work directly through clients.

2- Accessing local network resources (i.e. Network printer) with a certain internal IP and an assigned port (i.e. 10.255.255.20:3911) is impossible while Firewall is ON.

3- Certain URLs (usually secure HTTPS) with different ports (i.e. https://www.contoso.com:2083) are not working.

I tried tens of walkthroughs to add a new outbound protocol with specified protocols, but none of them worked for me.

Best Answer

1 - You need to plan name resolution. If the clients don't connect to a DNS server that does Internet names, this is expected. TMG can do that for HTTP URLs, but not random no-name stuff, unless you install the Firewall Client on the client computers.

2 - Confused question. Where is the firewall on to break this? If you're using the firewall client (is that the "firewall ON"?), you need to make sure your internal network definition covers all IPs within the internal network, so that clients don't try to use the FWC for connections within the local network.

3 - TMG blocks random SSL ports by default, so you need to use the TunnelPortRanges script to fix that. https://technet.microsoft.com/en-us/library/cc302450.aspx
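For point 3, a sketch of what the tunnel port range change looks like when made through the TMG COM object model from PowerShell. This is an added example, not code from the answer or the linked article; the range label `SSL 2083` is an assumed name, the port is the one from the question, and it assumes an elevated session on the TMG server itself.

```powershell
# Added example: permit HTTPS (CONNECT) tunnelling to one extra port on TMG 2010.
# Assumption: run elevated on the TMG server, where the FPC COM objects are registered.

$rangeName = 'SSL 2083'   # assumed label for the new range
$port      = 2083         # port from the question's https://www.contoso.com:2083

$root     = New-Object -ComObject FPC.Root
$array    = $root.GetContainingArray()
$tpRanges = $array.ArrayPolicy.WebProxy.TunnelPortRanges

# List the ranges currently allowed, so the change can be reviewed first.
foreach ($r in $tpRanges) {
    '{0}: {1}-{2}' -f $r.Name, $r.TunnelLowPort, $r.TunnelHighPort
}

# Check whether an existing range already covers the port.
$covered = $false
foreach ($r in $tpRanges) {
    if ($port -ge $r.TunnelLowPort -and $port -le $r.TunnelHighPort) {
        $covered = $true
    }
}

if ($covered) {
    "Port $port is already inside an existing tunnel port range; nothing added."
}
else {
    # Add only the single port that is needed rather than a wide range,
    # so the proxy does not start tunnelling to arbitrary ports.
    [void]$tpRanges.AddRange($rangeName, $port, $port)
    $tpRanges.Save()
    "Added tunnel port range '$rangeName' ($port-$port)."
}
```

The tunnel port range only controls which ports the Web Proxy will tunnel to; an access rule still has to allow the traffic.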
