Solved

ForeFront TMG Multiple Gateways

Posted on 2010-09-08
6
1,569 Views
Last Modified: 2013-11-16
Hi Guys,

Is it possible to configure 2 x gateways in Forefront TMG,
We have two routers onsite to the internet.
We want to allocate some users to the one gateway and a group of more users to use the second gateway.

Could this be configured in ForeFront TMG?  I realize that the box will require 3 x network cards;
(1 x internal, 2 x external)
0
Comment
Question by:Rupert Eghardt
  • 4
  • 2
6 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33629225
No - it can't. ISA and FTMG have no concept of protocol or user based routing in this context. You can route to different external gateways based on the destination IP address but this is more on the OS routing table rather than anything clever in ISA/FTMG.

Even using the ISP Failover/load-balancing options that now come with FTMG, the balancing is by traffic, not by source user or protocol.

Keith
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 33635543
Maybe you could try using Networking rules, but you will have to filter by Source IPs and not by Usernames.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33635868
I say again, it will not work. Period.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 10

Expert Comment

by:simonlimon
ID: 33635901
You can also try using ISP redundancy mode as explained, I know the question was different and this will be done dynamically.

http://www.isaserver.org/tutorials/Microsoft-Forefront-TMG-ISP-Redundancy-Mode.html
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 33640740
ISP redundancy only uses the alternative route if the primnary fails. ISP load-balancing allows the two connections to be used concurrently but splits the traffic either 50-50 or on a percentage basis selectable by the operator. It will not make decisions based upon protocol, source ip address, or other criteria.

Not trying to rain on anyone's parade but neither ISA or FTMG is geared to do what is being asked.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33689365
Are we done here?
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question