<div>
<div class="content wysiwyg-content">
Hi Guys,<br />
<br />
I've been trying to configure client VPN access into a TMG server,<br />
The VPN client is able to connect to the TMG server - no problem, but they are unable to access any other servers behind TMG.<br />
<br />
I think part of the problem is that TMG is on a different IP network than the rest of the internal network.<br />
The internal network is on 10.0.0.x while the TMG server is on 192.168.2.254 (internal), 192.168.1.4 (external)<br />
There is a fail-over router between 10.0.0.1 - 192.168.2.254<br />
<br />
The TMG server can access all Internal Network resources from 10.0.0.x &nbsp;<br />
We have a static route on the TMG server to the 10.0.0.x network.<br />
<br />
In TMG remote access policy (VPN), I've configured a manual VPN range available to VPN clients of 10.0.0.230 - 240<br />
When connecting with VPN to the TMG server, I am allocated an address from this range, which is correct.<br />
But I am for example unable to ping / access server 10.0.0.23 which is a server on the internal network.<br />
<br />
Any ideas will help!?
</div>
</div>


Hi Guys,

I've been trying to configure client VPN access into a TMG server,
The VPN client is able to connect to the TMG server - no problem, but they are unable to access any other servers behind TMG.

I think part of the problem is that TMG is on a different IP network than the rest of the internal network.
The internal network is on 10.0.0.x while the TMG server is on 192.168.2.254 (internal), 192.168.1.4 (external)
There is a fail-over router between 10.0.0.1 - 192.168.2.254

The TMG server can access all Internal Network resources from 10.0.0.x  
We have a static route on the TMG server to the 10.0.0.x network.

In TMG remote access policy (VPN), I've configured a manual VPN range available to VPN clients of 10.0.0.230 - 240
When connecting with VPN to the TMG server, I am allocated an address from this range, which is correct.
But I am for example unable to ping / access server 10.0.0.23 which is a server on the internal network.

Any ideas will help!?

VPN setup through TMG

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Microsoft Forefront, formerly known as Internet Security and Acceleration Server (ISA Server), is a network router, firewall, antivirus program, VPN server and web cache that runs on Windows servers. It includes identity management and protection systems, and discontinued systems for threat management and network protection, along with protection for Sharepoint and Exchange. The scope of discussions includes forward and reverse proxy, application and service publishing, virtual private networks (VPNs), outbound access rules, SSL certificates and network routing within either a single node or an highly-available array pairing.

Microsoft Forefront ISA Server

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.