This is the first time I've implemented TMG, and I think I'm in a bit over my head. Here's my setup:
- I'm using TMG simply as a reverse proxy for publishing OWA (as well as Lync and Sharepoint, but that's not for now). It is not being used as an internet facing firewall, so we've placed it in the DMZ behind our Cisco ASA.
- I want to have an Array of TMGs load balanced, for redundancy (traffic isn't really an issue; we're not that big).
- Exchange CAS is on the Internal network (no edge roles).
So, I've got two NICs on each box, one in the DMZ and one internal.
Current config for those NICs:
DMZ:
default gateway: yes
DNS:no
MS File Sharing: disabled
Internal:
gateway:no
DNS:yes
File Sharing: enabled
I've followed Technet docs to get a standalone array going. They are communicating configs on the DMZ Nics (I used those NICs when defining Managed Computers in the Firewall settings).
I then enabled NLB in TMG, and set the VIP on the DMZ network. Now it's all broke.
First question: Am I doing this correctly in the first place?
Second question: Assuming my config works, what else do I need to do to get NLB working?