I have a Forefront TMG server with a 3-leg perimeter setup. I want to build a failover for two SharePoint Servers, but they need to join a domain for that to work. I have placed a read-only DC as a Hyper-V machine on one of the SharePoint servers. The RODC, however, is not able to contact the internal DC. I have made a rule on my Forefront server that should allow DNS traffic between the specific computers: from DC to RODC and vice versa. The protocols in this rule are DNS and DNS Server. However, when I try to connect, my Forefront server denies the connection on port 53 (DNS).
Does anyone know where the problem lies? Thanks in advance!