The TMG does not route.

I installed a TMG, I created a rule that allows all outgoing traffic.

but the DC does not ping the Wan TMG leg.
The DC ping  the leg LAN.

I used the wizard and it seems that networks and routes are correct.
limmontreefreeAsked:
Who is Participating?
 
Suliman Abu KharroubConnect With a Mentor IT Consultant Commented:
Oppps

Try to create a rule from localhost and internal to localhost and external allowing ping
0
 
Suliman Abu KharroubIT Consultant Commented:
>> allows all outgoing traffic.
how do you create the rule ? is it for all user and protocols from internal to external and local host ?

open TMG monitor and see which rule denies the traffic.

BTW: it is not a good config to have such rule. only needed protocols should be allowed on the firewall.

0
 
limmontreefreeAuthor Commented:
Soy novato con TMG.

He creado la ruta a mano,

Where is the TMG monitor, iremenber it but i don't meet it.

thanks
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
Suliman Abu KharroubIT Consultant Commented:
open TMG console--> logs and reports node.

is the above in English ? sorry but I can understand only English :-)
0
 
limmontreefreeAuthor Commented:
I just find the monitor
0
 
limmontreefreeAuthor Commented:
out several errors, this is  in red.

 connection refused
 typo Registered: Firewall service
 any rule, see the result code
 Source: Internal 192.168.1.10:389
 Destination: 192.168.1.1:10360 local host
 Protocol: Unidentified IP Traffic (TCP: 10 360)



 DC is 192.168.1.10
TMG   Lan leg is 192.168.1.1
0
 
Suliman Abu KharroubIT Consultant Commented:
thats not related to ping.


while pinging the external tmg IP address, monitor the traffic.

always there are a lot of red (deny) connection in ISA monitor. you can filter the log to show only traffic from DC based on client ip address.
0
 
limmontreefreeAuthor Commented:
i cant see nothing lCMP (ping)
0
 
limmontreefreeAuthor Commented:
this is a screenshot
1.jpg
0
 
limmontreefreeAuthor Commented:
While i take the snapshoot  From the DC 192.168.1.10 it was doing "ping 192.168.0.1 -"
0
 
Suliman Abu KharroubIT Consultant Commented:
Can you post a screenshot of your current access rules ?

why do you want to be able to ping the external interface of TMG ?
0
 
limmontreefreeAuthor Commented:
Hello again:
I'm trying to set up a TMG and this is a Lab Work for me. in my company we have and TMG and i can ping to the external interface.

I started cheching the ping and then, when i check it se why don't go to internet.
0
 
limmontreefreeAuthor Commented:
   
2.jpg
0
 
Suliman Abu KharroubIT Consultant Commented:
Do you fill the default gateway on the client machine ? or just using web proxy ?
0
 
limmontreefreeAuthor Commented:
todas las redes --> all the networks
todos los usuarios --> all the users
todo el trafico saliente --> all the outgoing trafic

thanks
0
 
limmontreefreeAuthor Commented:
in the DC

ip        192.168.1.10
mas    255.255.255.0
gat      192.168.1.1

DNS  127.0.0.1

I think not using web proxy.
0
 
Suliman Abu KharroubIT Consultant Commented:
from DC can ping 8.8.8.8 ?
0
 
limmontreefreeAuthor Commented:
yes,

 so TMG are routing isn.t?
0
 
Suliman Abu KharroubIT Consultant Commented:
Yes it is.

in your ping rule just add local  host in the To field.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.