Solved

Accessing the internet with forefront after subnet change.

Posted on 2013-12-10
3
403 Views
Last Modified: 2013-12-11
I change my subnet from 255.255.255.0 to 255.255.254.0 to allow more IPs. My old range is 192.168.1.0 - 192.168.1.254.

The new range is 192.168.0.0 - 192.168.1.254. The 192.168.1.x computers with the new subnet mask can still access the internet through Microsoft Forefront. The 192.168.0.x computers can not access the internet.

I added 192.168.0.1 - 192.168.1.254 to the internal address range in forefront but still no access. I also changed the mask on the internal network card on Forefront
0
Comment
Question by:Biofilminc
  • 2
3 Comments
 
LVL 18

Expert Comment

by:irweazelwallis
ID: 39710764
you will need to make sure the routing and networking is up to date on the TMG/ISA server as well so that the new network range is configured as being internal otherwise anything in the 192.168.0.0/24 subnet will be considered as external and dropped

for TMG if you go to the networking container and then on the networks Tab get the properties of the Internal Network and check on the Addresses Tab of the properties to make sure your new subnet is present or add
then check the routing tab and make sure the routing is up to date
If you have a standard two legged TMG setup then you will need to add the route via "route add" first to make sure the static route is correct and then TMG should pick it up
0
 

Author Comment

by:Biofilminc
ID: 39711595
It looks like it may be because my DNS server was not yet using the same subnet. Anything else I need to worry about with changing subnets?
0
 
LVL 18

Accepted Solution

by:
irweazelwallis earned 500 total points
ID: 39712267
once you have checked routing and Network sets in the places above that should be enough

you should be good to go
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question