?
Solved

Testing Microsoft Forefront. with two nics

Posted on 2011-02-28
6
Medium Priority
?
495 Views
Last Modified: 2012-05-11
Hi,
I am trying to install Microsoft Forfront in a test environment. I have a Win 2008 R2 Active directory server and a Win 2008 R2 forefront server. The FF server has two nics on different subnets. Nic 1 is on the same subnet as the AD server (10.1.192.x) and is plugged into a switch providing the lan. Nic two is connected to a router connected to the internet on a 10.35.x.x subnet. AD will provide DNS and DHCP for now. I cannot get the FF server to 'see' both networks, either one or the other, just not both.

Any ideas guys ?

Thanks.
Martyn
0
Comment
Question by:Martyn9098
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 9

Accepted Solution

by:
araberuni earned 1000 total points
ID: 35003189
Are you configuring FF TMG edge network? If so, then follow steps:

Step1: Install Win2k8 R2

Step2: NIC config

External NIC, in your case nic2
IP: 10.35.x.x
mask: 255.blah blah
DG:10.35.xx

Internal NIc in your case nic1
IP:10.1.192.x
Mask:255.x.x.x
DG:Null
DNS:Internal DNS server

Step3: join Domain

Now follow this guide http://microsoftguru.com.au/2010/03/08/forefront-tmg-2010-how-to-install-and-configure-forefront-tmg-2010-step-by-step/

Once installed. configure Edge topology. Than configure all firewall rule, policies etc.
0
 
LVL 1

Expert Comment

by:Seatown1984
ID: 35003507
Your internal NIC will not need a gateway configured and your external NIC will not need dns servers configured (as stated above).

You will also need to add a static route to your FF box. Open CMD and enter:

route ADD -p 10.0.0.0 MASK 255.0.0.0 X.X.X.X(internal gateway)

You can use "route PRINT" to view results.
0
 
LVL 1

Author Comment

by:Martyn9098
ID: 35005883
Thanks guys,

I have tried the above and whilst the FF server can 'see' the AD server I cannot get any internet access on it. My persistant routes are as follows.

10.0.0.0        255.0.0.0        10.1.192.1        1
0.0.0.0           0.0.0.0             10.35.1.254      Default.

Whilst this could be a DNS issue I have tried direct IP to a website that does work on another network.

Thanks
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 1

Author Comment

by:Martyn9098
ID: 35006217
I have left two ping windows open. Ping 1 to the AD server and ping 2 to google. I cannot get both pings to respong. It's either one or the other and they do swap from time to time.
0
 
LVL 1

Assisted Solution

by:Seatown1984
Seatown1984 earned 1000 total points
ID: 35009802
I may have made a mistake telling you to add a persistant route that opens your subnet that wide. This may conflict with your external route. Try narrowing it down to 10.1.0.0 255.255.0.0 or 10.1.192.0 255.255.255.0 when you create your static route.

This is how I was able to get my TMG to talk to both networks.

0
 
LVL 1

Author Comment

by:Martyn9098
ID: 35334333
Sorry for the late feedback however the issue is now solved. The issue was the server was built with the HP installation disk which seamed to cause the problem. Installing the operating system without the HP Smartstart solved this issue.

Thanks for you help.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question