Solved

Testing Microsoft Forefront with two NICs

Posted on 2011-02-28
Last Modified: 2012-05-11
Hi,
I am trying to install Microsoft Forefront in a test environment. I have a Win 2008 R2 Active Directory server and a Win 2008 R2 Forefront server. The FF server has two NICs on different subnets. NIC 1 is on the same subnet as the AD server (10.1.192.x) and is plugged into a switch providing the LAN. NIC 2 is connected to a router connected to the internet on a 10.35.x.x subnet. AD will provide DNS and DHCP for now. I cannot get the FF server to 'see' both networks, either one or the other, just not both.

Any ideas guys ?

Thanks.
Martyn
0
Question by:Martyn9098
 
LVL 9

Accepted Solution

by:
araberuni earned 250 total points
ID: 35003189
Are you configuring FF TMG edge network? If so, then follow steps:

Step1: Install Win2k8 R2

Step2: NIC config

External NIC, in your case nic2
IP: 10.35.x.x
mask: 255.blah blah
DG:10.35.xx

Internal NIC, in your case nic1
IP:10.1.192.x
Mask:255.x.x.x
DG:Null
DNS:Internal DNS server

Step3: join Domain

Now follow this guide http://microsoftguru.com.au/2010/03/08/forefront-tmg-2010-how-to-install-and-configure-forefront-tmg-2010-step-by-step/

Once installed, configure Edge topology. Then configure all firewall rules, policies, etc.
0
 
LVL 1

Expert Comment

by:Seatown1984
ID: 35003507
Your internal NIC will not need a gateway configured and your external NIC will not need dns servers configured (as stated above).

You will also need to add a static route to your FF box. Open CMD and enter:

route ADD -p 10.0.0.0 MASK 255.0.0.0 X.X.X.X(internal gateway)

You can use "route PRINT" to view results.
0
 
LVL 1

Author Comment

by:Martyn9098
ID: 35005883
Thanks guys,

I have tried the above and whilst the FF server can 'see' the AD server I cannot get any internet access on it. My persistent routes are as follows.

10.0.0.0        255.0.0.0        10.1.192.1        1
0.0.0.0           0.0.0.0             10.35.1.254      Default.

Whilst this could be a DNS issue I have tried direct IP to a website that does work on another network.

Thanks
0
 
LVL 1

Author Comment

by:Martyn9098
ID: 35006217
I have left two ping windows open. Ping 1 to the AD server and ping 2 to Google. I cannot get both pings to respond. It's either one or the other and they do swap from time to time.
0
 
LVL 1

Assisted Solution

by:Seatown1984
Seatown1984 earned 250 total points
ID: 35009802
I may have made a mistake telling you to add a persistent route that opens your subnet that wide. This may conflict with your external route. Try narrowing it down to 10.1.0.0 255.255.0.0 or 10.1.192.0 255.255.255.0 when you create your static route.

This is how I was able to get my TMG to talk to both networks.

0
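Example added in editing, not part of any poster's reply: a longest-prefix-match check of the wide (10.0.0.0/8) and narrowed (10.1.0.0/16) static routes discussed above, plus an audit for more than one default gateway. The subnet masks (/24 internal, /16 external), the destination 10.40.0.5 and the function names are assumptions, since the thread elides the real masks.

```python
import ipaddress

def route(dest, mask, gateway, metric=1):
    """One routing-table row; gateway None means on-link (directly attached)."""
    return {"net": ipaddress.ip_network(f"{dest}/{mask}"), "gw": gateway, "metric": metric}

def best_route(table, dest):
    """Longest-prefix match, then lowest metric, as an IPv4 stack selects a route."""
    ip = ipaddress.ip_address(dest)
    hits = [r for r in table if ip in r["net"]]
    return max(hits, key=lambda r: (r["net"].prefixlen, -r["metric"])) if hits else None

def audit(table, external_net):
    """Flag the two multi-homed mistakes raised in the thread."""
    ext = ipaddress.ip_network(external_net)
    findings = []
    defaults = [r for r in table if r["net"].prefixlen == 0]
    if len(defaults) != 1:
        findings.append(f"expected exactly 1 default gateway, found {len(defaults)}")
    for r in table:
        # A gatewayed route that covers the external subnet but points elsewhere
        if (r["gw"] and r["net"].prefixlen > 0 and r["net"].overlaps(ext)
                and ipaddress.ip_address(r["gw"]) not in ext):
            findings.append(f"static route {r['net']} via {r['gw']} covers external subnet {ext}")
    return findings

# Constructed tables. ASSUMPTION: masks are elided on the page; /24 internal, /16 external.
ON_LINK = [route("10.1.192.0", "255.255.255.0", None),
           route("10.35.0.0", "255.255.0.0", None)]
DEFAULT = route("0.0.0.0", "0.0.0.0", "10.35.1.254")
WIDE = ON_LINK + [DEFAULT, route("10.0.0.0", "255.0.0.0", "10.1.192.1")]
NARROW = ON_LINK + [DEFAULT, route("10.1.0.0", "255.255.0.0", "10.1.192.1")]

if __name__ == "__main__":
    for name, table in (("wide", WIDE), ("narrow", NARROW)):
        print(name, audit(table, "10.35.0.0/16"))
        # 10.40.0.5 and 203.0.113.10 are constructed sample destinations
        for dest in ("10.1.192.10", "10.35.1.254", "10.40.0.5", "203.0.113.10"):
            r = best_route(table, dest)
            print(f"  {dest:<12} -> {r['net']} via {r['gw'] or 'on-link'}")
```

Under these assumed masks the external gateway stays reachable on-link in both tables; what the wide route changes is that any other 10.x destination behind the external router is sent to the internal gateway instead.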
 
LVL 1

Author Comment

by:Martyn9098
ID: 35334333
Sorry for the late feedback, however the issue is now solved. The issue was the server was built with the HP installation disk, which seemed to cause the problem. Installing the operating system without the HP Smartstart solved this issue.

Thanks for your help.
0
