Good day all,
I have several installed TMG and ISA with ordinal config: 1 ext 1 int
in all TMGs have externally published web and other resources which work well
Here is a problem I met:
we have one external client who unable to get any tmg published resources, this client has external ip like x.x.193.255
When client is trying to get tmg resources log shows:
Denied Connection Log type: Firewall service Status: A packet was dropped because Forefront TMG determined that the source IP address is spoofed. Rule: None - see Result Code Source: External (x.x.193.255:50567) Destination: Local Host (x.x.100.202:443
When i'm trying to tracert this client IP on TMG or behind it i see that all hopes are fall and logs says:
Denied Connection Log type: Firewall service Status: A broadcast packet was dropped by the Forefront TMG policy. Rule: None - see Result Code Source: Internal (192.168.27.18:2048) Destination: External (x.x.193.255)
If i try to tracert this ip from another source without tmg tracert goes well
So i have tried other ips which end with .255 but real (not broadcast) are not working
Is it a bug? How can i fix it