Create a New Web Listener

1. Open the Forefront TMG Management Console.
2. Expand Forefront TMG (Array Name or Computer Name) in the left pane and click Firewall Policy.
3. In the right pane click the Toolbox tab, click Network Objects, right-click Web Listener and select New Web Listener from the menu.

   

4. The Welcome to the New Web Listener Wizard page appears. Give a name to the Web Listener (e.g. Access WL) and click Next.
5. On the Client Connection Security page select Require SSL secured connections with clients and click Next.

   

6. On the Web Listener IP Addresses page select External and click Next.

   

7. On the Listener SSL Certificates page select Use a single certificate for this Web Listener and click the Select Certificate button. Select the appropriate certificate and click the Select button to confirm your choice.

   

8. Confirm that the correct certificate appears on the Listener SSL Certificates page and click Next.
9. On the Authentication Settings page choose the type of authentication you'd like Acronis Access to use when it contacts the TMG reverse proxy server, and click Next.

   Acronis Access mobile client supports:

   • No Authentication - Use this option if you'd like the Access Mobile Client requests to pass through the TMG reverse proxy server without needing to authenticate.
   • HTTP Authentication - Use this option if you'd like the Access Mobile Client app to authenticate with the TMG reverse proxy using the user's username and password. This is typically the user's Active Directory credentials. If the Access Mobile Client app is configured to require authentication "Once per session" or "Once per server", the user will be prompted for their credentials when they initially contact the TMG reverse proxy server.
   • SSL Client Certificate Authentication - Use this option if you'd like the Access Mobile Client app to authenticate with the TMG reverse proxy with an SSL user identity certificate. This certificate must be added to the Access Mobile Client app before the user can authenticate with the TMG reverse proxy server. Additional instructions can be found here.

   

10. On the Single Sign On Settings page verify that the SSO setting is disabled and click Next.

    

11. Review your selections on the Completing The New Web Listener Wizard page and click Finish.

    

12. Click the Apply button to commit the changes.

    

13. In the left pane of the Forefront TMG Management Console click Monitoring, then click on the Configuration tab in the middle pane. Keep clicking on the Refresh Now link in the right pane (Tasks tab) until there is a green icon with the checkbox in front of the TMG computer name (array name).