Hello.
I am trying to figure out how I could replace the ROUTE rule with a NAT rule for the traffic coming from the internet into the internal network, on TMG 2010. Is this even possible?
Any tips much appreciated.
On this topic I have found this:
https://social.technet.microsoft.com/Forums/forefront/en-US/4d021a4c-216f-4f3a-bcb8-934352960163/tmg-unable-to-see-nat-but-taking-the-client-ip-address-directly-to-the-firewall?forum=Forefrontedgegeneral
The default behavior (unless you have changed the Network Rules) is that TMG will have a NAT relationship between the Internal Network and the External Network. It is normal for TMG to have a Route relationship for "Local Host". Local Host traffic is any traffic that originates from the TMG server. Have you taken a network trace at Checkpoint? Do you actually see the client IP addresses of the SNAT clients? I would be willing to bet that you do not.
Thank you!