Forefront DMZ Routing

Experts, I have a legacy server which I would like to migrate behind a new Forefront implementation. This machine is assigned a public IP, 65.xx.xx.x99. Forefront is tentatively planned to be located at 65.xx.xx.100. The gateway from our ISP is located at 65.xx.xx.105.
There are several more websites published, in the 65.xx.xx.99-114 range.
1:1 NAT is not an option.

My understanding is that I can set up a route relationship instead of a NAT inside of Forefront to make this happen. I'm also wondering if I need to set up some additional CIDR to further segregate the ranges. I really hope that isn't the case since the gateway was assigned in the middle of our block.
Much beyond that I'm lost. Some quick guidance would be much appreciated.
Who is Participating?
well you are in trouble the only way to do it is assign the public ip to your TMG and publish the required ports/application to your server.

on the other hand if you can communicate with your ISP another subnet is indeed he solution however it will require more than just to change your gateway, they will also need to add static routes from their side to your new subnet
timbrighamAuthor Commented:
Akhater, I thought that would be the case. Anything ISA is capable of is usually pretty well documented. Thanks for verifying.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.