Hi,
I've enabled LAN routing on my TMG server, my network is as follows:
laptop (192.168.1.111)--- router A (192.168.1.1)--switch--tmg (192.168.1.22/192.168.2.22)--- router B (192.168.2.1)
I've added a static route from my laptop to 192.168.2.0 with 192.168.1.22 as the next hop (TMG).
My laptop can ping TMG, and TMG can ping both sides of the network; it's multihomed. I've configured TMG as follows:
internal network - 192.168.2.0
perimeter - 192.168.1.0
I've added the following allow firewall rules:
internal to perimeter ping
localhost to internal\localhost - http, https, ping
perimeter to internal ping
Whenever I try to ping 192.168.2.1 (router B) from my laptop on the other side of the network the ping fails. TMG logs show:
DENIED, source internal - 192.168.1.111, destination perimeter - 192.168.2.1, protocol PING
I've checked my network addresses for internal and perimeter (they're correct). So, I don't know why the firewall rule is categorising the network traffic wrongly.
Also, I have PING rules in place to allow ping in both directions, but this fails. I suspect it may be to do with enabling LAN routing on TMG.
Please advise.
Thanks
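
One way to cross-check the network names in a denied log entry against the address ranges given in the post above, as an added example that is not part of the original post. The /24 prefix lengths and the log-line layout (taken from the poster's summary rather than a raw TMG log export) are assumptions, and `check_line` is a hypothetical helper name.

```python
import ipaddress
import re

# Network definitions as stated in the post; the /24 prefix length is an assumption.
NETWORKS = {
    "internal": ipaddress.ip_network("192.168.2.0/24"),
    "perimeter": ipaddress.ip_network("192.168.1.0/24"),
}

# Layout of the summarised log line quoted in the post (not a raw TMG log format).
LOG_RE = re.compile(
    r"(?P<action>\w+), source (?P<src_net>\w+) - (?P<src_ip>[\d.]+), "
    r"destination (?P<dst_net>\w+) - (?P<dst_ip>[\d.]+), protocol (?P<proto>\w+)"
)

# The log line from the post, reproduced as sample input.
SAMPLE = ("DENIED, source internal - 192.168.1.111, "
          "destination perimeter - 192.168.2.1, protocol PING")


def expected_network(ip):
    """Return the name of the configured network containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, net in NETWORKS.items():
        if addr in net:
            return name
    return None


def check_line(line):
    """Return (role, ip, logged_name, expected_name) for each label that
    disagrees with the configured address ranges."""
    m = LOG_RE.search(line)
    if m is None:
        raise ValueError("unrecognised log line: %r" % line)
    mismatches = []
    for role, net_key, ip_key in (("source", "src_net", "src_ip"),
                                  ("destination", "dst_net", "dst_ip")):
        logged, ip = m.group(net_key), m.group(ip_key)
        expected = expected_network(ip)
        if logged != expected:
            mismatches.append((role, ip, logged, expected))
    return mismatches


if __name__ == "__main__":
    for role, ip, logged, expected in check_line(SAMPLE):
        print("%s %s: logged as %s, address range says %s"
              % (role, ip, logged, expected))
```

Run against the quoted entry, it reports both endpoints: each address is logged under the network name that the stated ranges assign to the other side.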