Microsoft Forefront TMG

i can ping the external ip address via the TMG but when i try ping the name i get cannot find host. but when i tracert the external ip address i get the following error on the firewall....

Denied Connection RX-TMG01-S 2011/10/17 03:08:13 PM
Log type: Firewall service
Status: A packet generated on the local host was rejected because its source IP address is assigned to one network adapter and its destination IP address is reachable through another network adapter.  
Rule: None - see Result Code
Source: Local Host (10.1.1.100:137)
Destination: External (***.***.***.***:137)
Protocol: NetBios Name Service
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 10.1.1.100


Denied Connection RX-TMG01-S 2011/10/17 04:15:51 PM
Log type: Firewall service
Status: Access is denied.  
Rule: Default rule
Source: Internal (10.1.1.2:137)
Destination: External (***.***.***.***:137)
Protocol: NetBios Name Service
 Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 10.1.1.2
 
Raubex_ITAsked:
Who is Participating?
 
vishalvasuCommented:
This is a DNS issue when you try to ping or tracert using name. Ensure that an A record points to the IP address of the TMG server and that TMG server is set to lookup the internal DNS server that is being queried. As for the tracert and ping response, try them from a remote machine instead of TMG. If you still do not get results, you might have to change the system policy to allow ICMP and Tracert diagnostics.
0
 
Suliman Abu KharroubIT Consultant Commented:
First issue (DNS): It depends on how the client machine configured to resolve names, to which DNS server the client points ? does this DNS server has a record for that name ?

Second issue (tracert):
simply it is an information massage not error message, Tracert pings each node on the path and returns the result, when it pings the internal interface of TMG server ( the first node in the path), it shows the message and that's expected; because the IP header shows that this packet is targeted to the external IP and should be come from the external interface not the internal.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.