hi all. if my question can be answered by reading TMG documentation, feel free to direct me there (i tried searching for the admin documentation but couldn't find it).

can someone tell me what the purpose of dynamic port assignment is from endpoint -> TMG? Once the traffic leaves the TMG -> Internet, the actual service port is being used but that doesn't help me for internal queries.

many thanks,

-P

Hi,

Please check the articles below.

ISA/TMG Server

1. This port is not used with ISA 2000.
2. FWC application transport and protocols are negotiated within the FWC control channel.
3. ISA 2000 FWC control uses UDP. ISA 2004 and 2006 use TCP.
4. OEM uses Firewall Web Management to provide non-MMC management of ISA Server.
5. This port is also used for intra-array traffic.
6. This port is used only by the ISA management MMC during remote server and service status monitoring.
7. This is the range in TMG. Please note that TMG extends the default dynamic port ranges in Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista.

https://support.microsoft.com/kb/832017?wa=wsignin1.0#method14

Reference: TCP connection established using Firewall client may close unexpectedly

Regards,

Joyce