If you are setting up TMG and you would like to align your deployment with MS recommended & supported way; you will need to have each NIC for TMG to belong to two different network. ( this pertains two NIC scenario)
According to MS, if you do have both NIC sitting on the same network you will cause routing issues and many other usefully tips discussed here below KB…..
http://technet.microsoft.com/en-us/library/cc302678.aspx#NetworkAndRoutingIssues
TIP: Build the server with Single NIC and add the TMG server into domain by using same NIC, once server is added to domain, rename this NIC as "Internal" and make sure , you do not specify the DGW ( default Gateway ) on it.
The LAY out for each NIC shown below. Remember fallowing short list before install.
|
route add 172.26.5.10 mask 255.255.255.255 172.26.7.97 -p
Mask 255.255.255.255 meaning is , if traffic comes to this IP=172.26.5.10, use this DGW=172.26.7.97
- AS you can see you define route to one IP , not entire network, if you like to open entire network for routing you have to use CDIR subnet mask , for instance
route add 172.26.5.10 mask 255.255.255.0 172.26.7.97 -p
Mask 255.255.255.0 meaning is , TCP/IP traffic comes to this Network=172.26.5.0, use this DGW=172.26.7.97
- Now we have route to entire network=172.26.5.0 thus any valid IP falls within this network TMG will know which DGW to use=172.26.7.97 I n this case
Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)
2 comments:
Server 2008 its recommened to use netsh rather than route add.
http://blogs.technet.com/b/timmcmic/archive/2009/04/26/windows-2008-multi-subnet-clusters-and-using-static-routes.aspx
Thanks for the reminder, I know Tim recommends using netsh, but route add works fine as well (-:
Post a Comment