Test Lab Guide: TMG Core Test Lab

by [Published on 24 May 2011 / Last Updated on 20 May 2013]

In this TMG Core Test Lab Guide module, we'll install a single TMG Enterprise Edition firewall and then install Service Pack 1 and Update 1.

Introduction

Test Lab Guides are a new type of Microsoft documentation that give IT professionals an opportunity to get hands-on with products and technologies in realistic deployment and use scenarios. In this article, we’re going to build on the Test Lab Guide efforts that Tom Shinder and Joe Davies have been working on for Microsoft. Tom has found the Test Lab Guide concept so useful that I’ve caught the bug! I noticed that Microsoft hasn’t created a TMG Test Lab Guide module so I’m going to fill in the gap for them and then put a link to this Test Lab Guide on the TechNet wiki page.

In this TMG Core Test Lab Guide module, we’ll install a single TMG Enterprise Edition firewall and then install Service Pack 1 and Update 1. We won’t install any of the software update rollups because it’s a pain to get the files and we aren’t likely to need them in our Test Labs in the future. If we find that we need one of the rollup updates, then we’ll install the appropriate rollup updates.

Complete the Base Configuration

The first thing we need to do in order to create the TMG Test Lab Guide module is complete both the Corpnet and the Internet portions of the Base Configuration. If you have already done this and taken a snapshot of the Base Configuration, then you can move to the next step. If you haven’t completed the Base Configuration, then navigate to this web site to get the document and perform the necessary steps. After you finish, move on to the next step in this article.

Change the Name of EDGE1

Now we’re going to change the name of the EDGE1 computer to better identify it for this particular module. On the EDGE1 computer, log in as CORP\Administrator and then in the Initial Configuration Tasks screen, click on Provide computer name and domain.


Figure 1

In the System Properties dialog box, which is shown in Figure 2, in the Computer Name dialog box, click the Change button.


Figure 2

In the Computer Name/Domain Change dialog box, shown in Figure 3, change the name to TMG1 in the Computer name text box and click OK.


Figure 3

Click OK in the dialog box that says you that you need to restart your computer, which is shown in Figure 4.


Figure 4

Click Close in the System Properties dialog box, shown in Figure 5.


Figure 5

Click Restart Now in the dialog box that tells you that you need to restart the computer, which is shown in Figure 6.


Figure 6

Wait for the computer to restart so the name change can take effect.

Install TMG Enterprise Edition

Now we’re ready to install TMG Enterprise Edition. If you have a subscription to MSDN or TechNet, you can download and use the MSDN .iso, or your TechNet subscription .iso, or if you have neither of those (or just don’t want to use up one of your allotted copies),you can use an evaluation version.  The TMG 2010 evaluation/trial version is available for download here.

After you get the file, mount the .iso to the TMG1 virtual machine and log on as CORP\Administrator.

After you’ve mounted the .iso, double click the Splash.hta file. This will bring up the TMG Enterprise Edition installation screen. Click Run Preparation Tool, which you can see under the “Prepare and Install” section in Figure 7.


Figure 7

Click Yes in the UAC box and then click Next on the Welcome to the Preparation Tool for Microsoft Forefront Threat Management Gateway TMG page, which is shown in Figure 8.


Figure 8

Put a checkmark in the I accept the terms of the License Agreements checkbox, as shown in Figure 9, and then click the Next button.


Figure 9

Select the Forefront TMG services and Management option, which you can see in Figure 10, and click Next.


Figure 10

Note that it will take a few minutes to complete this step, so be patient. You will see the progress as the tool is downloaded, installed and configured, as shown in Figure 11.


Figure 11

When you see the message Preparation Complete, as shown in Figure 12, put a checkmark in the Launch Forefront TMG Installation Wizard checkbox and click Finish.


Figure 12

On the Welcome to the Installation Wizard for Forefront TMG Enterprise page that is shown in Figure 13, click Next.


Figure 13

On the License Agreement page shown in Figure 14, select the I accept the terms in the license agreement page and click Next.


Figure 14

On the Customer Information page shown in Figure 15, enter your User name, Organization and Product Key and click Next.


Figure 15

Click Next on the Installation Path page that you can see in Figure 16.


Figure 16

On the Define Internal Network page shown in Figure 17, click Add. In the Address dialog box, click Add Adapter.


Figure 17

In the Select Network Adapters dialog box that you see in Figure 18, put a checkmark in the Corpnet checkbox and click OK.


Figure 18

In the Addresses dialog box, as shown in Figure 19, click OK.


Figure 19

On the Define Internal Network page, which you can see in Figure 20, click Next.


Figure 20

On the Services Warning page shown in Figure 21, click Next.


Figure 21

On the Ready to Install the Program page that’s shown in Figure 22, click Install.


Figure 22

On the Installation Wizard Completed page, which you can see in Figure 23, put a checkmark in the Launch forefront TMG Managemet when the wizard closes checkbox and click Finish.


Figure 23

Next you’ll see the first page for the Getting Started Wizard, shown in Figure 24. Click Configure network settings.


Figure 24

On the Welcome to the Network Setup Wizard page, shown in Figure 25, click Next.


Figure 25

On the Network Template Selection page, which you can see in Figure 26, select Edge firewall and click Next.


Figure 26

On the Local Area Network (LAN) Settings page, from the Network adapter connected to the LAN drop down list, select Corpnetas shown in Figure 27 and then click Next.


Figure 27

On the Internet Settings page that’s shown in Figure 28, from the Network adapter connected to the Internet drop down list, select Internet and then click Next.


Figure 28

On the Completing the Network Setup Wizard page, as seen in Figure 29, click Finish.


Figure 29

Now we’re back to the Getting Started Wizard, where you need to click Configure System Settings, as shown in Figure 30.


Figure 30

On the Welcome to the System Configuration Wizard page, shown in Figure 31, click Next.


Figure 31

On the Host Identification page, shown in Figure 32, click Next.


Figure 32

On the Completing the System Configuration Wizard page, which you see in Figure 33, click Finish.


Figure 33

Here we are again, with the Getting Started Wizard. This time, click the Define deployment options link as shown in Figure 34.


Figure 34

On the Welcome to the Deployment Wizard page, shown in Figure 35, click Next.


Figure 35

On the Microsoft Update Setup page, which you can see in Figure 36, select I do not want to use the Microsoft Update service option and click Next.


Figure 36

In the Microsoft Update Setup dialog box that you see in Figure 37, click Yes.


Figure 37

On the Forefront TMG Protection Features Settings dialog box, which you can see in Figure 38, click Next.


Figure 38

On the Customer Feedback page, shown in Figure 39, select the No, I don’t want to participate option and select Next.


Figure 39

On the Microsoft Telemetry Reporting Service page, which you can see in Figure 40, click Next.


Figure 40

On the Completing the Deployment Wizard page that’s shown in Figure 41, click Finish.


Figure 41

Now we’re finally finished with the Getting Started Wizard, and you can click Close, as shown in Figure 42.


Figure 42

At last the TMG firewall console opens. You can see it in Figure 43.


Figure 43

Close the TMG firewall console and restart the TMG1 virtual machine. Log on as CORP\Administrator for the next step.

Install TMG Service Pack 1

Now that TMG Enterprise Edition is installed, we need to install TMG SP1. You can find the Service Pack 1 files here.

After you download the file, you might want to convert it to an .iso file so that you can easily mount it on your virtual machine. In fact, you might also want to download TMG Software Update 1 now and encapsulate both of these into the same .iso file. After mounting the .iso file, open an elevated command prompts and navigate to the location containing TMG-KB981324-ENU.Then enter the following at the command prompt:

TMG-KB981324-ENU

And press ENTER. You should see the “Welcome” page for the update, shown in Figure 44.


Figure 44

On the License Agreement page, as shown in Figure 45, select I accept the terms in the license agreement option and select Next.


Figure 45

On the Locate Configuration Storage Server page that’s shown in Figure 46, click Next.


Figure 46

On the Ready to Install the Program page, which you can see in Figure 47, click Install.


Figure 47

As the song says, “the waiting is the hardest part.”  Be patient while Service Pack 1 is installed, as shown in Figure 48.


Figure 48

On the Installation Wizard Completed page that you can see in Figure 49, click Finish.


Figure 49

Now restart the TMG1 virtual machine and log on as CORP\Administrator for the next step.

Install TMG Software Update 1

With SP1 installed, you’re ready to install Software Update 1. You can download Software Update 1 here.

After downloading the file, put it in the .iso container as I mentioned earlier. Mount the .iso and double click on the TMG-KB2288910-amd64-ENU.

On the Welcome to the Update for Microsoft Forefront TMG Service Pack Update 1 page that’s shown in Figure 50, click Next.


Figure 50

On the License Agreement page, select I accept the terms in the license agreement option as you see in Figure 51, and click Next.


Figure 51

On the Locate Configuration Storage Server page, as seen in Figure 52, click Next.


Figure 52

Click Install on the Ready to Install the Program page that you see in Figure 53.


Figure 53

On the Installation Wizard Completed page that you see in Figure 54, click Finish.


Figure 54

Click Yes to restart the computer in the dialog box that’s shown in Figure 55.


Figure 55

Shutdown the Virtual Machines and Take a Snapshot

At this point, you should shut down all the virtual machines gracefully and then take a snapshot of each of the virtual machines. Name the snapshots TMG Core Lab. Now you have a virtual lab that we can use for all of our subsequent articles on TMG at ISAserver.org so that you can perform the steps in all the labs, and then add your own custom configurations for testing. Let the Test Lab Guide fun begin! Thanks! –Deb.

Featured Links