[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 527
  • Last Modified:

The TMG does not route.

I installed a TMG, I created a rule that allows all outgoing traffic.

but the DC does not ping the Wan TMG leg.
The DC ping  the leg LAN.

I used the wizard and it seems that networks and routes are correct.
0
limmontreefree
Asked:
limmontreefree
  • 11
  • 8
1 Solution
 
Suliman Abu KharroubIT Consultant Commented:
>> allows all outgoing traffic.
how do you create the rule ? is it for all user and protocols from internal to external and local host ?

open TMG monitor and see which rule denies the traffic.

BTW: it is not a good config to have such rule. only needed protocols should be allowed on the firewall.

0
 
limmontreefreeAuthor Commented:
Soy novato con TMG.

He creado la ruta a mano,

Where is the TMG monitor, iremenber it but i don't meet it.

thanks
0
 
Suliman Abu KharroubIT Consultant Commented:
open TMG console--> logs and reports node.

is the above in English ? sorry but I can understand only English :-)
0
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

 
limmontreefreeAuthor Commented:
I just find the monitor
0
 
limmontreefreeAuthor Commented:
out several errors, this is  in red.

 connection refused
 typo Registered: Firewall service
 any rule, see the result code
 Source: Internal 192.168.1.10:389
 Destination: 192.168.1.1:10360 local host
 Protocol: Unidentified IP Traffic (TCP: 10 360)



 DC is 192.168.1.10
TMG   Lan leg is 192.168.1.1
0
 
Suliman Abu KharroubIT Consultant Commented:
thats not related to ping.


while pinging the external tmg IP address, monitor the traffic.

always there are a lot of red (deny) connection in ISA monitor. you can filter the log to show only traffic from DC based on client ip address.
0
 
limmontreefreeAuthor Commented:
i cant see nothing lCMP (ping)
0
 
limmontreefreeAuthor Commented:
this is a screenshot
1.jpg
0
 
limmontreefreeAuthor Commented:
While i take the snapshoot  From the DC 192.168.1.10 it was doing "ping 192.168.0.1 -"
0
 
Suliman Abu KharroubIT Consultant Commented:
Can you post a screenshot of your current access rules ?

why do you want to be able to ping the external interface of TMG ?
0
 
Suliman Abu KharroubIT Consultant Commented:
Oppps

Try to create a rule from localhost and internal to localhost and external allowing ping
0
 
limmontreefreeAuthor Commented:
Hello again:
I'm trying to set up a TMG and this is a Lab Work for me. in my company we have and TMG and i can ping to the external interface.

I started cheching the ping and then, when i check it se why don't go to internet.
0
 
limmontreefreeAuthor Commented:
   
2.jpg
0
 
Suliman Abu KharroubIT Consultant Commented:
Do you fill the default gateway on the client machine ? or just using web proxy ?
0
 
limmontreefreeAuthor Commented:
todas las redes --> all the networks
todos los usuarios --> all the users
todo el trafico saliente --> all the outgoing trafic

thanks
0
 
limmontreefreeAuthor Commented:
in the DC

ip        192.168.1.10
mas    255.255.255.0
gat      192.168.1.1

DNS  127.0.0.1

I think not using web proxy.
0
 
Suliman Abu KharroubIT Consultant Commented:
from DC can ping 8.8.8.8 ?
0
 
limmontreefreeAuthor Commented:
yes,

 so TMG are routing isn.t?
0
 
Suliman Abu KharroubIT Consultant Commented:
Yes it is.

in your ping rule just add local  host in the To field.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 11
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now