How to change the TTL Value of all outgoing packets in Microsoft Forefront TMG 2010?

akevinbailey
I would like to change the TTL to 128 for all packets going from my external NIC.  Using Linux IP Tables I can use the command "iptables -t mangle -A POSTROUTING -o eth0 -j TTL --ttl-set 128". How do I do the same thing using Microsoft Forefront TMG 2010?
 
Keith Alabaster, Enterprise Architect
Top Expert 2008

Commented:
You don't use FTMG to do it - the TTL is set at the OS level, not the application level. Anyway, the default value for Windows 2008 and Vista is 128 by default.

This is a link to a reference just in case you want to set it to something else. Yes, they spelt it wrong, but the link is correct.
http://www.windowsreference.com/networking/change-default-time-to-live-ttl-in-windows-server-2008-windwos-vista/

Author

Commented:
The problem is that when a client desktop connects to an external site, FTMG deprecates the TTL of those packets by one. I want to reset those packets' TTL to 128 so it appears that all traffic comes from the FTMG server. I don't think setting the default TTL on the interface will fix this. But I will give it a try.

Author

Commented:
It didn't work.  It does not reset the TTL of the traffic coming from the private network.  Is there a way in Windows 2008 R2 or FTMG to force all traffic coming from a NIC to have a TTL of 128?
I guess no one can answer this question. I guess I will have to switch back to Linux and iptables, because it seems that Microsoft products are incapable of changing the TTL for routed packets.
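
What the routed-packet TTL rewrite discussed in this thread involves at the IPv4 header level, as an added example that is not part of the original posts: a forwarding device decrements the TTL and must recompute the header checksum, and a rule like the iptables `--ttl-set 128` in the question overwrites the field on egress. The addresses and header values are constructed samples, and `set_ttl`, `forward` and the other helper names are hypothetical.

```python
import socket
import struct

def checksum(header: bytes) -> int:
    """RFC 1071 ones-complement checksum over the header's 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def is_valid(header: bytes) -> bool:
    """With the checksum field included, a correct header sums to zero."""
    return checksum(header) == 0

def set_ttl(header: bytes, ttl: int) -> bytes:
    """Overwrite the TTL (byte 8) and recompute the checksum (bytes 10-11)."""
    if not 0 <= ttl <= 255:
        raise ValueError("TTL must fit in one byte")
    if len(header) < 20 or (header[0] & 0x0F) * 4 != len(header):
        raise ValueError("expected exactly one complete IPv4 header")
    hdr = bytearray(header)
    hdr[8] = ttl
    hdr[10:12] = b"\x00\x00"          # checksum is computed with its field zeroed
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr)

def build_header(src: str, dst: str, ttl: int) -> bytes:
    """Constructed sample: 20-byte IPv4 header, no options, protocol TCP."""
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0x1234, 0x4000, ttl, 6, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return set_ttl(raw, ttl)          # fills in the checksum

def forward(header: bytes, ttl_set=None):
    """Routed path: decrement TTL, then optionally overwrite it on egress."""
    if header[8] <= 1:
        return None                   # a router drops the packet here
    out = set_ttl(header, header[8] - 1)
    return set_ttl(out, ttl_set) if ttl_set is not None else out

if __name__ == "__main__":
    # Constructed clients behind the gateway: Windows default 128, Linux default 64.
    for name, ttl in (("windows", 128), ("linux", 64)):
        pkt = build_header("192.168.1.10", "203.0.113.5", ttl)
        plain, mangled = forward(pkt), forward(pkt, ttl_set=128)
        print(name, "routed:", plain[8], "with ttl-set:", mangled[8],
              "checksums ok:", is_valid(plain) and is_valid(mangled))
```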
