We have TMG 2010 installed on Windows 2008 R2 OS.
There are two interfaces on the TMG server: External and Internal network.
There are three IP subnets behind the TMG firewall in two different locations connected over WAN.
Location 1 is using 10.15.16.0 subnet.
I have no issue connecting to 10.15.18.0 and 192.168.15.0 subnet from 10.15.16.0 over the WAN
Location 2, over the WAN, is connected to the 10.15.18.0 and 192.168.15.0 subnets.
I do have two static routes on TMG connecting to the 10.15.18.0 and 192.168.15.0 subnets.
The route for 10.15.18.0 works and the one for 192.168.15.0 does not work.
Clients are connecting using an IPsec tunnel, and for sure the DHCP IP for the VPN client is in the 10.15.16.0 subnet.
They can RDP to 10.15.16.0 and 10.15.18.0 (WAN) Network
They cannot RDP to 192.168.15.0 Network.
I can confirm this is a TMG issue.
I have created a firewall rule to allow external to computers (192.168.15.0) subnets using RDP 3389.
The TMG logs are showing denied connections as below:
Log type: Firewall service
Status: An ingoing packet was dropped because its destination address does not exist on the system, and no appropriate forwarding interface exists.
Rule: None - see Result Code
Source: VPN Clients (10.15.16.167:53901)
Destination: External (224.0.0.252:5355)
Protocol: Link-local multicast name resolution
Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 10.15.16.167
Rule Error 0xc0040050 fwx_e_tcpip_drop_ip_not_locally_destined
I have applied this blog solution but it did not fix it.
Muhammad Mehdi