?
Solved

Threat Management Gateway (TMG) 2010 is getting Event ID 21265

Posted on 2014-10-16
2
Medium Priority
?
878 Views
Last Modified: 2014-10-29
We are not able to pass traffic from one of our internal networks to another.

To be simple about our topology, TMG controls the 10.30.x.x networks and our other network on a Sonicwall is 10.0.0.x.

The internal network adapter on TMG is called bridge but we got an error in the event log talking about the 10.0.0.x network on the external WAN adapter.

----------------------------------------
The routing table for the network adapter TMG - WAN includes IP address ranges that are not defined in the array-level network External, to which it is bound. As a result, packets arriving at this network adapter from the IP address ranges listed below or sent to these IP address ranges via this network adapter will be dropped as spoofed. To resolve this issue, add the missing IP address ranges to the array network. The following IP address ranges will be dropped as spoofed: 705 - Bridge:10.0.0.0-10.0.1.255,10.10.0.0-10.10.0.255,10.10.4.0-10.10.4.255,10.10.10.0-10.10.10.127,
----------------------------------------

We're not sure if this is causing the issue but we can't have both networks mentioned above pass traffic between each other. All firewall rules on both ends have not changed and allow full access.


Troubleshooting:
I verified that the networks we need to talk are listed under the Network Topology and Active Routes.
I can ping from the TMG to the Sonicwall.
I can ping from the Sonicwall to the TMG.
I can ping from the Sonicwall to anything on the other side of the TMG.
I CAN'T ping from the TMG to anything beyond the Sonicwall.

I know that makes it sound like the Sonicwall is the issue, but we have not found any errors on anything except the error mentioned above in the TMG.
0
Comment
Question by:Paul Wagner
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 35

Accepted Solution

by:
Bembi earned 2000 total points
ID: 40400785
Check the NIC settings in TMG (settings for NICs should be done via TMG, not on the NIC itself) as the network mask on the NIC, if there are mask overlappings. As you have a 10.0.x.x and a 10.30.x.x. network, I would assume as mask of 255.255.0.0.
As the error message is talking also about other subnet ranges, it looks like that the mask is wrong.

Make sure that the definitions under the network tab fits to the address ranges covered by the according NIC mask.

I.e. you have a NIC 10.30.0.1 with mask 255.255.0.0, the according network range in the network definition is 10.30.0.0 to 10.30.255.255.
0
 
LVL 5

Author Comment

by:Paul Wagner
ID: 40411911
That was it. The NIC has a different subnet than what is scoped in the network definition.
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question