Hi,
I have a TMG cluster with 3 legs - External, Internal1, Internal2
On Internal1 I have all clients and servers
On Internal2 I put my Fortigate 80C used for the wireless network. I use RADIUS for auth. The RADIUS server is on a Windows server in the Internal1 network.
Everything works fine, but as soon as I start NLB for the 2nd TMG cluster the RADIUS auth fails. Everything else works. If you are already authenticated for wireless, internet and everything works for you.
For Internal1 I have to use Unicast, for External I use Multicast NLB and it works great. For Internal2 I tried unicast/multicast, no difference. I even configured the multicast MAC and IP on the Cisco switch between TMG and Fortigate.
What I find strange is that everything works with 1 TMG node (one or the other), but as soon as I start the NLB service on the second one RADIUS auth will time out.
Looking at the network packets it seems that TMG drops the UDP fragments for RADIUS.
I have the Block IP fragments disabled.
Any idea?
Does TMG NLB have trouble with NLB and UDP traffic?
Thanks a lot!
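The poster's packet capture points at fragmented RADIUS UDP datagrams. The script below is an added example (not part of the original post, and not TMG or Fortigate code): it builds a RADIUS Access-Request carrying a large EAP-Message (wireless EAP methods such as EAP-TLS routinely push the datagram past a 1500-byte MTU), fragments the resulting IPv4 packet the way RFC 791 does, and then shows why a load balancer or filter that keys on the UDP 5-tuple can only classify the first fragment: every later fragment carries an IP header but no UDP header, so its ports are simply not there. The EAP payload, IP addresses, source port and IP identification value are constructed placeholders, and the all-zero Request Authenticator is a placeholder for the random bytes a real client would use.

```python
import struct

RADIUS_AUTH_PORT = 1812
MTU = 1500
IP_HLEN = 20
UDP_HLEN = 8
EAP_MESSAGE_ATTR = 79  # RADIUS attribute type for EAP-Message (RFC 3579)

def radius_attr(attr_type, value):
    """Encode one RADIUS TLV: type (1), length incl. header (1), value (<= 253 bytes)."""
    assert len(value) <= 253, "RADIUS attribute values are capped at 253 bytes"
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def radius_access_request(identifier, eap_payload):
    """Build an Access-Request (code 1) whose EAP payload is split into
    consecutive EAP-Message attributes, as RFC 3579 requires."""
    attrs = b"".join(radius_attr(EAP_MESSAGE_ATTR, eap_payload[i:i + 253])
                     for i in range(0, len(eap_payload), 253))
    authenticator = bytes(16)  # placeholder; a real request uses 16 random bytes
    length = 20 + len(attrs)   # code, id, length, authenticator = 20 bytes
    return struct.pack("!BBH", 1, identifier, length) + authenticator + attrs

def build_udp(src_port, dst_port, payload):
    """UDP header with zero checksum (optional over IPv4) plus payload."""
    return struct.pack("!HHHH", src_port, dst_port, UDP_HLEN + len(payload), 0) + payload

def fragment_ipv4(udp_datagram, mtu=MTU, ident=0x1234):
    """Split one UDP datagram into IPv4 fragments that fit the MTU.
    Fragment payloads are multiples of 8 bytes except the last, the MF flag
    (0x2000) is set on all but the last, and the offset is in 8-byte units.
    Addresses are constructed placeholders (client 10.0.2.10 -> RADIUS 10.0.1.5)."""
    max_payload = (mtu - IP_HLEN) // 8 * 8
    frags, offset = [], 0
    while offset < len(udp_datagram):
        chunk = udp_datagram[offset:offset + max_payload]
        more = offset + len(chunk) < len(udp_datagram)
        flags_frag = (0x2000 if more else 0) | (offset // 8)
        hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, IP_HLEN + len(chunk), ident,
                          flags_frag, 64, 17, 0,  # TTL 64, protocol 17 = UDP, checksum 0
                          bytes([10, 0, 2, 10]), bytes([10, 0, 1, 5]))
        frags.append(hdr + chunk)
        offset += len(chunk)
    return frags

def frag_offset(ip_packet):
    """Fragment offset in 8-byte units (low 13 bits of the flags/offset field)."""
    return struct.unpack("!H", ip_packet[6:8])[0] & 0x1FFF

def more_fragments(ip_packet):
    """True when the MF flag is set."""
    return bool(struct.unpack("!H", ip_packet[6:8])[0] & 0x2000)

def udp_ports(ip_packet):
    """What a 5-tuple classifier can see: (src, dst) ports for a first fragment,
    None for any later fragment, which carries no UDP header at all."""
    if frag_offset(ip_packet) != 0:
        return None
    return struct.unpack("!HH", ip_packet[IP_HLEN:IP_HLEN + 4])

def classify_fragments(frags):
    """Port view of every fragment, in wire order."""
    return [udp_ports(f) for f in frags]

if __name__ == "__main__":
    # Constructed 1600-byte EAP payload standing in for an EAP-TLS certificate round.
    req = radius_access_request(7, b"\xAA" * 1600)
    frags = fragment_ipv4(build_udp(50000, RADIUS_AUTH_PORT, req))
    for f in frags:
        print(f"len={len(f):4d} MF={more_fragments(f)!s:5} offset={frag_offset(f):3d} "
              f"ports={udp_ports(f)}")
```

Run it as is and the 1642-byte UDP datagram becomes two fragments: the first (offset 0, MF set) reports ports (50000, 1812), the second (offset 185) reports None. Any device on the path that must see port 1812 to accept or steer a packet, and does not reassemble fragments first, therefore has nothing to match on for the second fragment; that is the condition to check for in a capture on both sides of the cluster.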