TMG2010 network topology routes

Good day everyone!

The question is: how to "correctly" & "best practice way" to add routes to internal network in this scenario

https://lh4.googleusercontent.com/-lcufK2jjV2w/Tey7DNJn4XI/AAAAAAAAAMs/KADypNfrJNQ/TMG2010.png

1. Add 3 routes:

route add 172.20.0.0 MASK 255.255.248.0 172.20.255.254 -p
route add 172.20.10.0 MASK 255.255.255.0 172.20.255.254 -p
route add 172.20.11.0 MASK 255.255.128.0 172.20.255.254 -p

2. Add 1 route

route add 172.20.0.0 MASK 255.255.0.0 172.20.255.254 -p

3. May be i can use Network Topology Route? (TMG MMC - Arrays - Forefront TMG - Networking - Routing - Create Network Topology Route)
And add 1 route with 172.20.0.0/16 network?

June 6th, 2011 11:37am

Hi,


1 and 2: That depends on your granularity routing control. If you doesn't need other routes in the 172.20.x.x /16 Subnet, you can use solution 2)
3) yes, this is the recommended way in TMG. The routes are stored in the TMG configuration store and not in the local machine (as ISA 2006 has done this when you added routes with Route add)

Free Windows Admin Tool Kit Click here and download it now
June 6th, 2011 12:03pm

Marc, thanks for reply!
So if i understand you correctly then:
1. if i have many internal networks for example
172.20.1.0/24
172.20.2.0/24
......
172.20.6.0/24
172.20.7.0/24
i do not need add routes to networks one by one, and can add "one big network route" with 172.20.0.0/21 ???

2. The best practice will be using Network Topology Route. This route will add routes on all nodes of NLB array ???

June 6th, 2011 12:50pm

Hi,

yes, you can use one big network route which must correspond to the rest of your Network infrastructure (Router, Gateway etc.)
2) yes, the Network Topolgy routes will be stored in the local AD-LDS instance on the TMG Server or if the TMG Server is a member of an array managed by an EMS in the central EMS Server (AD-LDS) or in a Standalone Array on booth Array Members

Free Windows Admin Tool Kit Click here and download it now
June 6th, 2011 2:03pm

HI All, 

  I cannot connect to Internet from the TMG 2010 Server . I have noticed that i got these two routes . i have  put my internal proxy to IE  didn't work 

i have set Internal--->external rule

 

How do i find the issue?

May 21st, 2015 2:50am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics