Solved

Testing Microsoft Forefront. with two nics

Posted on 2011-02-28
6
475 Views
Last Modified: 2012-05-11
Hi,
I am trying to install Microsoft Forfront in a test environment. I have a Win 2008 R2 Active directory server and a Win 2008 R2 forefront server. The FF server has two nics on different subnets. Nic 1 is on the same subnet as the AD server (10.1.192.x) and is plugged into a switch providing the lan. Nic two is connected to a router connected to the internet on a 10.35.x.x subnet. AD will provide DNS and DHCP for now. I cannot get the FF server to 'see' both networks, either one or the other, just not both.

Any ideas guys ?

Thanks.
Martyn
0
Comment
Question by:Martyn9098
  • 3
  • 2
6 Comments
 
LVL 9

Accepted Solution

by:
araberuni earned 250 total points
ID: 35003189
Are you configuring FF TMG edge network? If so, then follow steps:

Step1: Install Win2k8 R2

Step2: NIC config

External NIC, in your case nic2
IP: 10.35.x.x
mask: 255.blah blah
DG:10.35.xx

Internal NIc in your case nic1
IP:10.1.192.x
Mask:255.x.x.x
DG:Null
DNS:Internal DNS server

Step3: join Domain

Now follow this guide http://microsoftguru.com.au/2010/03/08/forefront-tmg-2010-how-to-install-and-configure-forefront-tmg-2010-step-by-step/

Once installed. configure Edge topology. Than configure all firewall rule, policies etc.
0
 
LVL 1

Expert Comment

by:Seatown1984
ID: 35003507
Your internal NIC will not need a gateway configured and your external NIC will not need dns servers configured (as stated above).

You will also need to add a static route to your FF box. Open CMD and enter:

route ADD -p 10.0.0.0 MASK 255.0.0.0 X.X.X.X(internal gateway)

You can use "route PRINT" to view results.
0
 
LVL 1

Author Comment

by:Martyn9098
ID: 35005883
Thanks guys,

I have tried the above and whilst the FF server can 'see' the AD server I cannot get any internet access on it. My persistant routes are as follows.

10.0.0.0        255.0.0.0        10.1.192.1        1
0.0.0.0           0.0.0.0             10.35.1.254      Default.

Whilst this could be a DNS issue I have tried direct IP to a website that does work on another network.

Thanks
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 1

Author Comment

by:Martyn9098
ID: 35006217
I have left two ping windows open. Ping 1 to the AD server and ping 2 to google. I cannot get both pings to respong. It's either one or the other and they do swap from time to time.
0
 
LVL 1

Assisted Solution

by:Seatown1984
Seatown1984 earned 250 total points
ID: 35009802
I may have made a mistake telling you to add a persistant route that opens your subnet that wide. This may conflict with your external route. Try narrowing it down to 10.1.0.0 255.255.0.0 or 10.1.192.0 255.255.255.0 when you create your static route.

This is how I was able to get my TMG to talk to both networks.

0
 
LVL 1

Author Comment

by:Martyn9098
ID: 35334333
Sorry for the late feedback however the issue is now solved. The issue was the server was built with the HP installation disk which seamed to cause the problem. Installing the operating system without the HP Smartstart solved this issue.

Thanks for you help.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

Suggested Solutions

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Microsoft has released remote PowerShell capabilities to all commercial Office 365 customers. So you can be controlled via PowerShell and not from the Office 365 admin center Download Windows PowerShell Module for Lync Online http://www.micros…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now