I've seen some similar issues posted...but still can't get this to work.  The situation is pretty simple.

LAN Network: 192.168.0.0-192.168.0.255

Secondary LAN Network: 192.168.1.0-192.168.1.255

Secondary LAN reachable through internal router at 192.168.0.15

I add in the secondary network as SecondaryLAN, a separate internal network.  I created network rule that is a route between internal and SecondaryLAN.  I added firewall rules allowing traffic between SecondaryLAN and Localhost and a separate rule for traffic between SecondaryLAN and Internal.  I added a route for secondaryLAN to 192.168.0.15 (route added in TMG, not route add).

I still get traffic blocked to 192.168.1.x.  Traffic in the logs is reported as Denied - dropped due to unreachable network.

Any suggestions?

 

Hi,

Thank you for the post.

Please perform the following steps to allow the traffic, and here is similar thread: http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/thread/f1f507c6-5e91-4c62-9fca-0e5c697df0c8/.

1. the   clients on LAN Network should add static route point to router

2. on TMG server, add Secondary LAN subnet to the network definition for Internal

3. on TMG Server, add a static route from the command line to point to router

Regards,

I haven't tried setting up a virtual NIC with the IP addresses.  I did try the steps you outlined and it didn't work.  Sometimes we've been able to get this to work and sometimes not.  I'll figure something out and maybe try the virtual NIC approach...thanks for your help.

Hi,

Sometimes we've been able to get this to work and sometimes not- please also check the connection of network device, such as switch and router.

Regards,

Hi all,

are the steps 1 - 3 to be performed ALL or are those 3 different possibities?

Thanks Bernhard

All 3 have to be done.  TMG doesn't handle this situation well.  We phased it out.  We use primarily MikroTik routers now.  Never have issues like this anymore.