Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Forefront DMZ Routing

Posted on 2011-03-02
Medium Priority
Last Modified: 2012-05-11
Experts, I have a legacy server which I would like to migrate behind a new Forefront implementation. This machine is assigned a public IP, 65.xx.xx.x99. Forefront is tentatively planned to be located at 65.xx.xx.100. The gateway from our ISP is located at 65.xx.xx.105.
There are several more websites published, in the 65.xx.xx.99-114 range.
1:1 NAT is not an option.

My understanding is that I can set up a route relationship instead of a NAT inside of Forefront to make this happen. I'm also wondering if I need to set up some additional CIDR to further segregate the ranges. I really hope that isn't the case since the gateway was assigned in the middle of our block.
Much beyond that I'm lost. Some quick guidance would be much appreciated.
Question by:timbrigham
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 49

Accepted Solution

Akhater earned 2000 total points
ID: 35024345
well you are in trouble the only way to do it is assign the public ip to your TMG and publish the required ports/application to your server.

on the other hand if you can communicate with your ISP another subnet is indeed he solution however it will require more than just to change your gateway, they will also need to add static routes from their side to your new subnet

Author Closing Comment

ID: 35030617
Akhater, I thought that would be the case. Anything ISA is capable of is usually pretty well documented. Thanks for verifying.

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

671 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question