Windows_Internet_Security_Acceller ation_Server_Using_A_Second_Gatewa y_If_Condition_Met
hello
we have a microsoft ISA server that points to our firewall which in turn goes to the internet. we would like to have a "dynamic routing" situation present where if our internet connection goes down, we would like to have our ISA server use a second
gateway to our hotsite location and then out to the internet. for various reasons we cannot use a routing protocol like OSPF or RIP/RIPv2. also, we cannot use a second internet route on our firewall because of a redundancy condition with the firewall.
so now i need to go "backstream" to our ISA server. is there a way to do some sort of test to the internet (i.e. a ping of
www.microsoft.com or something like that) and if that test fails to tell ISA to use a different gateway? thanks in advance for any assistance!
January 25th, 2011 11:46pm
I would suggest that you post this in the ISA/TMG forum.
http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/threadsBill
Free Windows Admin Tool Kit Click here and download it now
January 26th, 2011 1:43am
Hi,
Thanks for posting here.
Based on my knowledge that the new integrated ISP Load Balancing feature in TMG should help you to achieve the goal, for more information please refer to the links
below:
Enabling Internet Service Provider (ISP) redundancy
http://technet.microsoft.com/en-us/library/dd440984.aspx
http://www.isaserver.org/tutorials/Microsoft-Forefront-TMG-ISP-Redundancy-Mode.html
Meanwhile, like Bill mentioned that you may post to ISA/TMG category forum ,
so that you can get the most qualified pool of respondents.
Thanks.
Tiger Li
Important Note: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft
does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent
dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
January 26th, 2011 9:30am
On a normal server, this is very simple you just add a static route to second default gateway with a Metric that is slightly higher than then current default route. In general you should manually set the metric on the NIC before doing this.
Example:
route print - view current routing table
Exmaple of default route
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.103 25
Add new persistent default route to second gateway (192.168.1.1) with higher metric
route add -p 0.0.0.0 mask 0.0.0.0 192.168.1.1 metric 30
As Tiger pointed you to, this article talks about what you do with TMG, and gives a slight variation of the above.
Enabling Internet Service Provider (ISP) redundancy
http://technet.microsoft.com/en-us/library/dd440984.aspx
Free Windows Admin Tool Kit Click here and download it now
January 30th, 2011 8:57pm