This is not a question that is easily answered. It can become a very complex configuration, for example when your TMG box is placed between two firewalls, etc. But I will try to explain wat needs to be done. You could probably take this to your network administrator so he can assist you where necessary.
- Determine a URL you want to use, e.g. qlikview.yourcompany.com
- On your TMG server, check the HTTP listener configuration, and note the external IP address;
- Register a DNS A-record, qlikview, for the domain yourcompany.com (in our case qlikview) and have it point to the external IP address you noted in step 2. This requires you to have access to the external DNS zone configuration;
- On the TMG Server, publish a web site using the "Publish Web Sites" task:
- Enter a friendly name for the rule, e.g. "QlikView Access Point" and click [Next >];
- Select the "Allow" radio button, and click [Next >];
- Select the "Publish a single web site or load-balancer" option, and click [Next >];
- Next, select the approperiate protocol option (HTTPS or HTTP), and click [Next >];
- Type in the internal servername for your QVAP, and click [Next >];
- On the following screen, leave the defaults, and click [Next >];
- Now enter the public URL (qlikview.yourcompany.com) in the public name field, and click [Next >];
- Select the (correct) web listener, and click [Next >];
- Select the option "No delegation, but client may authenticate directly", and click [Next >];
- On the next screen, leave everyting as is, and click [Next >];
- Finally check your configuration, and click [Finish] to create the publishing rule;
- Click [Apply] to apply the changes to the TMG configuration store;
Now you should test if you can reach the QlikView Access Point from the outside. Please note that it may take some time for changes in all the different systems to propagate.
This should do it...