SCCM 2012 Virtual Lab

Question

I am building an SCCM 2012 virtual lab and I have about 70% of it completed, but I want to test patching, but I dont want to connect my virtual lab to the production environment to pull patches. My environment consists of the following:

• Hyper-V Server 2008 R2
• One switch

I did read somewhere that I may be able to use Forefront Threat Management Gateway (TMG) by installing it as a VM within my virtual lab and segment the virtual network from the production LAN to connect to the internet to pull patches from Microsoft.com to my SCCM 2012 server.

Is this possible? If so, how would I go about getting this done?

Any help here would be greatly appreciated.

Thanks

Answer 1

In this case TMG would just be acting as a NAT boundary. There's nothing special about TMG here, and if you've already got a firewall or L3 device separating your test environment from your prod environment, you can just configure the NAT there instead and save the headache.

But, to answer your actual question, yes you can use TMG for this if you'd like.

Answer 2

Here is the info I have been trying to find that provides more info on setting up a virtual SCCM 2012 virtual test lab environment using TMG.

http://blogs.technet.com/b/tlgs/archive/2012/07/30/system-center-configurtation-manager-2012-test-lab-guide-published.aspx

Answer 3

If you just need to put a NAT between your test network and your production one, you can use Windows' built-in RRAS and get a lot simpler setup than a full TMG box.

http://technet.microsoft.com/en-us/library/dd469812.aspx