Hi everyone,
please i need your help.
I am trying to introduce Microsoft Forefront TMG 2010 on a network as a web proxy server/firewall placed behind a Cisco 2821 router (directly connected to the Cisco router), but the Forefront TMG cannot even access the internet by itself. That is, the localhost cannot
even go out to the internet. The internal network was initially connected to the router (192.168.1.x network), with the gateway of the internal network being 192.168.1.1 (the router's interface address).
My objective is to introduce this FF TMG so I can use it to block sites and streaming protocols.
Here are my NIC configs:
On the Internal NIC, I configure IP (192.168.1.1/24), Subnet Mask, No gateway, then DNS (pointing to the local DNS server).
On the External NIC, I configure IP (192.168.2.1/24), Subnet Mask, Gateway (pointing to the LAN interface of the Cisco 2821 router), No DNS.
I also have the following rules:
Allow Localhost to connect to anywhere (Internal, external, vpn clients)
Allow DNS protocol from both localhost and Internal network, destination - External.
On the Router:
Inside NIC: 192.168.2.2/24
Access List 10: permitting 192.168.1.0/24
NAT rule set: ip nat inside source access list 10 destination (my gateway address)
Default NAT route set: 0.0.0.0 0.0.0.0 4.1.2.3(my gateway address)
I don't have any DMZ in my network. I have even tried connecting the External LAN interface directly to the ISP's modem, bypassing the router, yet I cannot even ping my gateway.
Please study this scenario and tell me what I am missing. It's very urgent that I come up with the solution, as it will help me keep my job. I suffered a lot to get this one, and I would be happy to keep it.
Thank you very much in advance
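An added check, not written by the poster: it models the router's access-list 10 as described in the post (the only entry given is the permit for 192.168.1.0/24) and evaluates, with IOS first-match and implicit-deny semantics, which source addresses that NAT access list would permit. The standard-ACL syntax, the sample source addresses, and the assumption that traffic leaving the TMG External NIC can carry 192.168.2.1 as its source are mine, not stated in the post.

```python
import ipaddress

# Constructed from the post: the router's NAT access list has one permit entry.
ACL_10 = [
    "access-list 10 permit 192.168.1.0 0.0.0.255",
]

def parse_standard_acl(lines):
    """Turn 'access-list N permit|deny <addr> [wildcard] | host <addr> | any'
    lines into (action, IPv4Network) tuples. Assumes well-formed IOS syntax."""
    entries = []
    for line in lines:
        parts = line.split()
        action, target = parts[2], parts[3]
        if target == "any":
            net = ipaddress.IPv4Network("0.0.0.0/0")
        elif target == "host":
            net = ipaddress.IPv4Network(f"{parts[4]}/32")
        else:
            wildcard = parts[4] if len(parts) > 4 else "0.0.0.0"
            # An IOS wildcard mask is the bitwise inverse of a subnet mask.
            mask = ipaddress.IPv4Address(0xFFFFFFFF ^ int(ipaddress.IPv4Address(wildcard)))
            net = ipaddress.IPv4Network(f"{target}/{mask}", strict=False)
        entries.append((action, net))
    return entries

def acl_permits(entries, source):
    """First matching entry decides; an unmatched source hits the implicit deny."""
    src = ipaddress.IPv4Address(source)
    for action, net in entries:
        if src in net:
            return action == "permit"
    return False

def nat_coverage(entries, sources):
    """Map each candidate source address to whether the NAT ACL would select it."""
    return {src: acl_permits(entries, src) for src in sources}

if __name__ == "__main__":
    entries = parse_standard_acl(ACL_10)
    # Assumed candidate sources: an internal client, and the TMG External NIC address.
    candidates = {
        "192.168.1.50": "internal client, if forwarded with its original source",
        "192.168.2.1": "TMG External NIC (localhost traffic, or traffic TMG has NATed)",
    }
    for src, note in candidates.items():
        print(f"{src:13} {note}: NAT permit = {acl_permits(entries, src)}")
```

Running it shows which of the addresses that can appear on the router's inside interface are actually selected by the NAT access list, which is the first thing to verify when the TMG host itself cannot reach the internet.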