The Firewall service checks the request against the Forefront TMG policy, processes the request on behalf of the client, and returns a reply through the control channel. When a Winsock function call is redirected to the proxy, the Forefront TMG Client LSP sends a request through the control channel to the Firewall service and waits for a response. The control channel connection is established the first time that it is needed. The Forefront TMG Client LSP communicates with the Firewall service by using a dedicated connection to TCP port 1745, called the Forefront TMG Client control channel. Remote calls are redirected to the Firewall service. Local calls are passed to the original base service provider. When a client application calls a Winsock function, the Forefront TMG Client LSP intercepts the call and determines, based on the arguments specified in the call and the configuration settings provided by the Firewall service, whether the call is local or remote. All Winsock applications running on a Forefront TMG Client computer use this LSP transparently.
#Forefront tmg 2010 how to edit protocol windows#
When Forefront TMG Client, which supersedes Firewall Client, is installed and enabled on client computers in a protected network that send requests through Forefront TMG servers, Windows Sockets (Winsock) applications running on these client computers can send requests to remote destinations transparently through the Microsoft Firewall service.įorefront TMG Client includes a dynamic-link library (FwcWsp.dll) that works as a layered service provider (LSP) on top of the original underlying base service provider.