Translate

Block Teamviewer in TMG 2010 | UnBlock Teamviewer Using TMG 2010 | Permit Teamviewer Using TMG 2010 | Allow Teamviewer Using TMG 2010 | Stop Teamviewer| Teamviewer Ports



Many of systems Administrator using TMG 2010 and some times you need to block some sites ,application and ports due to security or policy issue.

In this article we need to know how we block / unblock the teamviewer using TMG 2010.

First of all we need to know how is the teamviewer work and what port its used for working?

1- TeamViewer use TCP 5938 port.
2- TeamViewer uses the follwing sites :
http://dyngate.com 
http://teamviewer.com 


Now we need to know how we can  block / unblock the teamviewer using TMG 2010.
 

Note: by defualt the eamviewer is blocked in TMG.

1- You need to add a rule which blocks port 5938 from Internal to External.

open forefront TMG console ==> right click on firewall Policy ==> New ==> Access Rule ==>
write the name of the rule as example Blocking Teamviewer ==> Deny ==> Choose Selected protocol ==>
then you must add new protocol TCP and put inside it port  5938 Direction OutBound ==> from Internal to External or as your topology in you network.


2- You need to add  another one which blocks HTTP / DNS / HTTPS from Internal to a URL set which contains http://*.teamviewer.com andhttp://*.dyngate.com).

you need now to add the following HTTP URL set inside any rule and make it deny:
http://*.dyngate.com/*
http://*.teamviewer.com/*

and now go to any client and try to start the teamviewer it should be Failed :).


now we need to unblock the teamviewer so we need only to allow all the steps that i mentioned in the block teamviewer.

if you need any further help dont hesitate to contact us and we will answer you.

 

8 comments:

antechno said...
This comment has been removed by a blog administrator.
Mohammed J said...

Thanks man.. That really saved me sometime.

Anonymous said...

Thanks dear Its working now.. By changing following;

Instead of using HTTP URL SET: Use Domain Name Sets.

IT resolved my issue :)

Regards
Anonymous

IDÍLIO said...

Hello,

For block access do external for internal, i use the same rule, but with diferent from, to?

Eng.Zaki A.Rimawi said...

as i understand You must block the access from internal to external with specified port and name.
try to make then same steps as i said.

Regards,
Eng.Zaki Rimawi

Shailendra Vishwakarma said...

I have given the same as u said but i m unable to connect Team Viewer.
Please suggest the same.

niaziakmal khan said...

I am regular reader of your blog and no doubt it all stuff is awesome. The best thing about your sharing and posting is that you always provide content that is helpful for both the newbie and experts. Looking for more stuff and tutorials.

Love from Bloggers Town

Anonymous said...

Thank you for sharing manage PC from mobile