How can we use PRTG with only one external IP address (e.g. via TMG)

Hello,

We are testing PRTG for our hosted monitoring service. The server running PRTG is hosted on Windows Azure and we only have one public IP address we can use. We are running into a problem we are unable to resolve.

By default the webserver of PRTG is running on port 443, which is fine and accessible from all our clients locations. The Sensor however is using SSL and is running on a non default port 23560. This port is not open by default and we can not use it. We would like to have all PRTG services running on port 443 and use encryption. As we only have 1 external IP address on Azure, we decided to place a Microsoft TMG 2010 in front of PRTG. This works great for the web interface of PRTG, but we can not get external probes to connect. TMG is listening on two different host names on the same external IP address. Webserver traffic is internally redirected to port 443 on the PRTG servere, probe traffic is redirected internally to port 23560. However this doesn’t seems to work, we are receiving the following error in the event log of the TMG server: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

When we test the connection using a webbrowser, we receive the following error Error Code: 500 Internal Server Error. The client and server cannot communicate, because they do not possess a common algorithm. (-2146893007)

What is the best way to use PRTG on default web ports (80 unencrypted and 443 encrypted) without requiring us to open ports on firewalls (our clients will not accept that).

Thank you and kind regards, Heraut