Configuring Access Rules for Internet Access in TMG 2010

By default everything is deny when you install TMG 2010 Server. So to enable access for Internet Access for Internal Network, you must configure an access rule for Outbound access rule that grants Internet Access for Internal Network.

1. In the TMG Server Management Console tree, select the Firewall Policy.

2. In the Firewall Policy list, click on the Tasks Tab and Click on Create Access Rule.

3. On the Welcome to the New Access Rule Wizard, type Limited Internet Access as the Access rule name, and then click Next.

4. On the New Access Rule Wizard, Click Allow and then click Next

5. On the Protocols page, in the This Rule applied to drop-down box, click Selected Protocols, and then click Add

6. In the Add Protocols dialog box, expand Common Protocols, then click DNS and click Add. And same to HTTP, HTTPS. Click Close.


7. On the Protocols page, click Next

8. On the Malware Inspection page, click on Enable malware inspection for this rule and click Next

9. On the Access Rule Sources page, click Add

10. In the Add Network entities dialog box, expand Networks, click Internal, and then click Add. Click Close. Click Next


11. On the Access Rule Destinations page, click Add

12. In the Add Network entities dialog box, expand Networks, click External and then Click Add. Click Close and Click Next

13. On the User Sets page, click Next

14. On the Completing the New Access Rule Wizard page , review the settings and click Finish.Then Click Apply twice and Click OK.

Related Post  Configuring TMG 2010 Firewall with Multiple NICs in Enterprise Network

15. Now On the client computer, Open Internet Explorer and attempt to connect to . The connection should be successful.


In this article I showed you how to create access rule for Internet Access to your Internal network. But you can also customize the access. So that only certain IP Address will access certain web sites only.


Leave a Reply

Your email address will not be published. Required fields are marked *