[Webinar] Streamline your web hosting managementRegister Today

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 654
  • Last Modified:

Forefront DMZ Routing

Experts, I have a legacy server which I would like to migrate behind a new Forefront implementation. This machine is assigned a public IP, 65.xx.xx.x99. Forefront is tentatively planned to be located at 65.xx.xx.100. The gateway from our ISP is located at 65.xx.xx.105.
There are several more websites published, in the 65.xx.xx.99-114 range.
1:1 NAT is not an option.

My understanding is that I can set up a route relationship instead of a NAT inside of Forefront to make this happen. I'm also wondering if I need to set up some additional CIDR to further segregate the ranges. I really hope that isn't the case since the gateway was assigned in the middle of our block.
Much beyond that I'm lost. Some quick guidance would be much appreciated.
1 Solution
well you are in trouble the only way to do it is assign the public ip to your TMG and publish the required ports/application to your server.

on the other hand if you can communicate with your ISP another subnet is indeed he solution however it will require more than just to change your gateway, they will also need to add static routes from their side to your new subnet
timbrighamAuthor Commented:
Akhater, I thought that would be the case. Anything ISA is capable of is usually pretty well documented. Thanks for verifying.

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now