Hello Experts
We are going to deploy TMG with 2 NICs, Internal and External. Our setup would be as follows, in order to protect our internal DNS by not allowing it to talk to the ISP directly.
- Install DNS on TMG Box and configure its internal NIC's DNS to point to itself.
- Configured Unconditional forwarder on TMG with ISP's DNS IPs
- Configured Conditional Forwarder with internal domain namespace to resolve internal name and authentication purposes.
- Configured the internal DNS server with unconditional forwarder pointing to TMG internal IPs to allow resolving any external names on clients.
Is that a correct solution?
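
The forwarder chain described in the question, written out as commands. This is an added example, not part of the original post. All IP addresses, the zone name `corp.example`, the NIC name and the function names are placeholder assumptions; it uses `dnscmd` and `netsh` as shipped with the Windows Server releases TMG runs on.

```powershell
# Placeholder values (assumptions, not taken from the post): replace with your own.
$IspDns        = @('192.0.2.53', '192.0.2.54')  # ISP resolver addresses
$InternalDns   = @('10.0.0.10')                 # internal (AD) DNS server
$InternalZone  = 'corp.example'                 # internal domain namespace
$TmgInternalIp = '10.0.0.1'                     # TMG internal NIC address
$TmgNicName    = 'Internal'                     # connection name of TMG internal NIC

function Set-TmgDnsForwarding {
    # Run on the TMG box, after the DNS Server role is installed.

    # Internal NIC resolves through the local DNS service (points to itself).
    netsh interface ipv4 set dnsservers name="$TmgNicName" source=static address=$TmgInternalIp

    # Conditional forwarder: internal namespace goes to the internal DNS server,
    # so internal names and domain authentication lookups never reach the ISP.
    dnscmd /ZoneAdd $InternalZone /Forwarder $InternalDns

    # Unconditional forwarder: every other name goes to the ISP resolvers.
    dnscmd /ResetForwarders $IspDns /TimeOut 5
}

function Set-InternalDnsForwarding {
    # Run on the internal DNS server.

    # Forward all external names to the TMG internal IP only.
    # /Slave stops the server from falling back to root hints when the
    # forwarder does not answer, so it never queries the Internet itself.
    dnscmd /ResetForwarders $TmgInternalIp /TimeOut 5 /Slave
}

function Test-DnsChain {
    # Run from an internal client or the internal DNS server.
    # An external name must resolve through TMG ...
    nslookup www.example.com $TmgInternalIp
    # ... and an internal name must still resolve through TMG's conditional forwarder.
    nslookup "dc01.$InternalZone" $TmgInternalIp   # dc01 is a hypothetical host name
}
```

Without `/Slave` on the internal server, a forwarder timeout makes it attempt recursion through root hints, which is the direct outbound DNS traffic this design is meant to prevent.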