hi,
our TMG has two network cards: for External network - 193.219.57.20, internal - 10.0.30.49.
I can't access internal web server (10.0.30.50) through TMG server. I get errorr SPOOFING_PACKET_DROPPED (Status:A packet was dropped because Forefront TMG determined that the source IP address is spoofed).
As I read "The only reasons packets are denied as spoof are that either the ISA Server does not have the source IP in its address range for that network or if ISA does not have a route to it."
Our route table is:
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 193.219.57.16 193.219.57.20 266
10.0.0.0 255.255.255.0 10.0.30.1 10.0.30.49 138
10.0.30.0 255.255.255.0
On-link 10.0.30.49 266
10.0.30.49 255.255.255.255 On-link 10.0.30.49 266
10.0.30.255 255.255.255.255 On-link 10.0.30.49 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1
255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.12.0
255.255.254.0 10.0.30.1 10.0.30.49 138
193.219.57.12 255.255.255.128 On-link 193.219.57.20 266
193.219.57.20 255.255.255.255 On-link 193.219.57.20 266
193.219.57.255 255.255.255.255 On-link 193.219.57.20 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 193.219.57.20 266
224.0.0.0 240.0.0.0 On-link 10.0.30.49 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 193.219.57.20 266
255.255.255.255 255.255.255.255 On-link 10.0.30.49 266
===========================================================================
how can I check if ISA Server does not have the source IP in its address range ?
how to solve this?
thanks
aurimas
