Assigning a default gateway to VPN clients when using Static IP assignment in TMG

I have a Forefront TMG 2010 Setup. This is a NLB array. Because I am using an array I need to use static IP Addresses. I need to configure a default gateway for the VPN Connections so that they can talk to multiple internal networks.

Is there a way to set this up?

Thanks
MysterhaysAsked:
Who is Participating?
 
pwindellConnect With a Mentor Commented:
I don't see how being an Array prevents using DHCP.

Use DHCP.

There is also a difference between a Static Address Pool and Static Addresses.  Static Address Pools are Dynamic, not static.  True Static IPs have to be directly and manually configured at the Client (including the DFG and other options).  I think the DFG on a VPN Dialup Connectiod is always the IP# itself,...if the IP 192.168.23.4 then the DFG is also 192.168.23.4 and the Mask is always 255.255.255.255 (that's right, full 32bit).

If you use a Static Pool then that is Dynamic Addressing and you handle the client by just "leaving it alone".   The Default Gateway is handled correctly by leaving the check box enabled for "Use gateway on remote network".

Bottom line,...use full regular normal DHCP instead of making trouble for yourself.
0
 
Amit BhatnagarTechnology Consultant - SecurityCommented:
Just to be clear, do you want that VPN Clients should be able to talk to the other internal Networks besides the default Internal network when they connect?..

If this is the question, as long as TMG knows the path to these networks and you are NOT using split tunneling("Use Default Gateway on Remote Network" option), it should be fine.
0
All Courses

From novice to tech pro — start learning today.