I was interested in exposing our Team Foundation Server Beta 3 Refresh install out over the internet so I could use it from client sites, etc.
It turned out to be more effort than I had hoped. Figured I would document it for the next time I have to do it. These instructions are for a dual server install. A single server install should be a little bit simpler.
Start off by creating two public dns names:
tfs.domain.com
and
tfsreports.domain.com
Publish a web server pointing at your application tier using the tfs.domain.com domain name. Set the listener up to listen on Port 8080 and authentication should be integrated only. Don't forget to go back into the properties for the policy and make sure the bridging options are set to forward on Port 8080. It defaults to Port 80 which hung me up for awhile. This policy is for the web services.
Publish a web server pointing at your application tier using the tfs.domain.com domain name again. This time set the listener up on the normal Port 80 with authentication set to integrated only. This policy is for Windows Sharepoint Services.
Publish a web server pointing at your application tier using the tfs.domain.com domain name again. This time set the listener up on Port 17012 and authentication should be integrated only. Don't forget to go back the properties for the policy and make sure the bridging options are set to forward on Port 17012. NOTE: 17012 may not be the correct port for your installation. Replace it with whatever port Sharepoint Central Administration is configured to run on.
Publish a web server pointing at your data tier using the tfsreports.domain.com domain name. If you want you can limit the path to /Reports/* and /ReportServer/*. My understanding is that they are moving reporting services to the application tier for RTM so this step will go away. Listener is on Port 80 with integrated authentication.
That's it for the ISA Server setup. The problem is that the configuration database for TFS still has the internal machine names specified for accessing WSS and Reporting Services. This can be fixed by creating a file containing:
Reports Change ReportsService http://tfsreports.domain.com/ReportServer/ReportService.asmx BaseReportsUrl http://tfsreports.domain.com/Reports DataSourceServer http://tfsreports.domain.com/ReportServer Wss Change BaseServerUrl http://tfs.domain.com BaseSiteUrl http://tfs.domain.com/sites BaseSiteUnc \\colfax\sites WssAdminService http://tfs.domain.com:17012/_vti_adm/admin.asmx
Replace ATNAME with the name of your application tier server.
Save this file as c:\Program Files\Microsoft Visual Studio 2005 Team Foundation Server\Tools\myreg.xml
Open a command prompt in this location and use TfsReg to import the registration information above like this:
TfsReg myreg.xml dtname
Of course replace dtname with the name of your data tier server.
That's it. That got it running over the internet for me.