Improve company productivity with a Business Account.Sign Up

x
?
Solved

Forefront DMZ Routing

Posted on 2011-03-02
2
Medium Priority
?
654 Views
Last Modified: 2012-05-11
Experts, I have a legacy server which I would like to migrate behind a new Forefront implementation. This machine is assigned a public IP, 65.xx.xx.x99. Forefront is tentatively planned to be located at 65.xx.xx.100. The gateway from our ISP is located at 65.xx.xx.105.
There are several more websites published, in the 65.xx.xx.99-114 range.
1:1 NAT is not an option.

My understanding is that I can set up a route relationship instead of a NAT inside of Forefront to make this happen. I'm also wondering if I need to set up some additional CIDR to further segregate the ranges. I really hope that isn't the case since the gateway was assigned in the middle of our block.
Much beyond that I'm lost. Some quick guidance would be much appreciated.
0
Comment
Question by:timbrigham
2 Comments
 
LVL 49

Accepted Solution

by:
Akhater earned 2000 total points
ID: 35024345
well you are in trouble the only way to do it is assign the public ip to your TMG and publish the required ports/application to your server.

on the other hand if you can communicate with your ISP another subnet is indeed he solution however it will require more than just to change your gateway, they will also need to add static routes from their side to your new subnet
0
 
LVL 1

Author Closing Comment

by:timbrigham
ID: 35030617
Akhater, I thought that would be the case. Anything ISA is capable of is usually pretty well documented. Thanks for verifying.
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question