Good morning,
I have routing problem with two nic's on TMG.
mobility wifi
subnet -------MOB ROUTER----TMG-----LAN router----FW----INTERNET
10.176.212.0
I want to use TMG as transparent web proxy without authentication to access to some internal resources (without NAT) and to internet (with NAT).
Since there is a router between TMG and mobility subnet there is a static route on TMG configuration for mobility subnet.
About Windows configuration (on the host where TMG runs) I configured the gateway only on nic facing to LAN/INTERNET.
The problem is that some packets (and not ALL but only SOME) sent to mobility devices are sent back from TMG to LAN router and then:
- if the packet is internal (without NAT) it reach the TTL=0, between LAN router and TMG, and expires
- if the packet is external (natted) the tmg replaces the natted ip with the original, send it to LAN router, the lan router send again it back to TMG and then the TMG discardes it because there is no SYN state with this ip in his stateful table.
I have no idea on how to solve it.
Thanks
Fabio
I have routing problem with two nic's on TMG.
mobility wifi
subnet -------MOB ROUTER----TMG-----LAN router----FW----INTERNET
10.176.212.0
I want to use TMG as transparent web proxy without authentication to access to some internal resources (without NAT) and to internet (with NAT).
Since there is a router between TMG and mobility subnet there is a static route on TMG configuration for mobility subnet.
About Windows configuration (on the host where TMG runs) I configured the gateway only on nic facing to LAN/INTERNET.
The problem is that some packets (and not ALL but only SOME) sent to mobility devices are sent back from TMG to LAN router and then:
- if the packet is internal (without NAT) it reach the TTL=0, between LAN router and TMG, and expires
- if the packet is external (natted) the tmg replaces the natted ip with the original, send it to LAN router, the lan router send again it back to TMG and then the TMG discardes it because there is no SYN state with this ip in his stateful table.
I have no idea on how to solve it.
Thanks
Fabio