I get tons of these: A packet was dropped because Forefront TMG determined that the source IP address is spoofed
When crossing from one network to another network.
Even the TMG's IP's are some times seen as spoofed
My setup
2 x TMG 2010 Ent in an Enterprise array controled by a third server
The network setup is
1x External
3x Internal (10.10.1.x, 10.10.3.x, 10.10.10.x)
Both servers have 4 NIC's one for external and 1 for each network.
All 4 networks are NLB enabled.
All servers exept in the 10.10.10.x network is running 2008 R2, the servers in 10.10.10.x is running 2008
All the TMG servers are Hyper-V machines, the 3 internal Virtual NIC's are link'ed to the same Physical NIC. And the External is link'ed to another Physical NIC.
Based on the info above, the local address table should include at least the following:
10.10.1.0 - 10.10.1.255
10.10.3.0 - 10.10.3.255
10.10.10.0 - 10.10.10.255
You may need to add more if the there are other subnets inside of the FTMG internal nic.
In the FTMG gui, select networking - select the internal network then select addr
Thank you for your answer.
Sorry, not sure, if it's a question, or something I should do.
You are not completely right, but the 10.10.10.0 - 10.10.10.127 (255.255.255.128), But you couldn't know that. :)
I have take a sceenshot of the network setup, please look here:
http://misc.norphf.dk/tmg-network.PNG
/nOrphf
I assume though that the spoofed addresses reported are on the 10.10.10.0 subnet?
No, that's actually all 3 internal -> external
and all internal -> internal
I am getting that many, that my tmg log query stoped because the rate of incomming data was too fast :(
http://misc.norphf.dk/network.PNG
- Edited by nOrphf Friday, February 26, 2010 1:34 PM
http://misc.norphf.dk/network.PNG
- Edited by nOrphf Friday, February 26, 2010 1:34 PM
Can you provide the output from an ipconfig /all please from the FTMG box?
Not sure, wheter I'm just giving away my IP info, or your still trying to help, but I have deleted most of the info, as I don't like to float.
You can get the ip config on A PM if you reply back.
- Edited by nOrphf Tuesday, February 23, 2010 9:00 AM Removed the IPCONFIG.
Not sure, wheter I'm just giving away my IP info, or your still trying to help, but I have deleted most of the info, as I don't like to float.
You can get the ip config on A PM if you reply back.
- Edited by nOrphf Tuesday, February 23, 2010 9:00 AM Removed the IPCONFIG.
Hi
Sorry the negative post, it was just because you didn't write back after I posted the IPconfig, but here it is again:
IPconfig removed :)
I have rearranged the visio drawing so I think it gives a better overview. here is the link again: http://misc.norphf.dk/network.PNG (If it helps :) )
- Edited by nOrphf Wednesday, March 03, 2010 7:27 AM
Hi
Sorry the negative post, it was just because you didn't write back after I posted the IPconfig, but here it is again:
IPconfig removed :)
I have rearranged the visio drawing so I think it gives a better overview. here is the link again: http://misc.norphf.dk/network.PNG (If it helps :) )
- Edited by nOrphf Wednesday, March 03, 2010 7:27 AM
I have just had an power outage so all power was cut, for 20 minutes.
Now I don't recieve this error anymore.
Now I recive this error instead: http://misc.norphf.dk/denied.PNG
It's mostly traffic to my VPN connected computer, but as you can see, there ar also some traffic to 10.10.1.255.
Not sure whether this problem is related to that I have 2 TMG's and that they have there own VPN IP address assignment.
Not sure whether I should create a new thread for this :)
/nOrphf
Hi,
Due to the complexity of this issue we are unable to effectively assist with this request in the forum.
I would like to suggest that you contact Microsoft Product Support Services via telephone so that a dedicated Support Professional can assist with this request.
To obtain the phone numbers for specific technology request please take a look at the web site listed below.
http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS
If you are outside the US please see http://support.microsoft.com for regional support phone numbers.
Thank you for your patience and understanding.
Regards,
I just reapplied the Networks, and found out that I had a faulty DNS server, so changed it to my ISP's dns, and no it's running smooth.
Unfortunatly I don't know which one solved ny problem, but I belive it was the DNS issue.
Thanks for aswering.
/nOrphf
- Marked as answer by nOrphf Friday, March 05, 2010 10:28 PM
I just reapplied the Networks, and found out that I had a faulty DNS server, so changed it to my ISP's dns, and no it's running smooth.
Unfortunatly I don't know which one solved ny problem, but I belive it was the DNS issue.
Thanks for aswering.
/nOrphf
- Marked as answer by nOrphf Friday, March 05, 2010 10:28 PM