Hey everyone!

Im a student and my team and I are trying to get experience in working with/put together a presentation on Microsoft's Firewall Threat Management Gateway.

We are using a lab with:
-two cisco 2600 routers
-two 3750 switches
-three servers running microsoft server 2008 64 bit.

We want to create an "internal" network and an "external" network (that would simulate the Internet). The "external" network will have one server hosting various websites("good" and "bad"). The TMG server has two NIC cards. One of the NICs in the TMG will connect to external while the other NIC connects to the internal. This way we can practice setting filtering rules and such for the servers and clients within the internal.


I was wondering if I could get some confirmation that our lab setup could work:

Will this be possible with only one router? What IP addresses do we assign to the external NIC of the TMG server (facing the router) and what IP do we assign to the connecting interface of the router?

Thanks!

looks fine, the TMG external interface could be 192.168.2.4/24
your router interface port address of 192.168.2.1/24 is fine

_________________
"If you're good at anticipating the human mind. It leaves nothing to chance."
-Jigsaw

Thanks! were heading into the lab in a few days to configure everything. Ill post my results.

Hey everyone,

We successfully set up the lab. However when we try to ping the "web server" (in 192.168.1.0 network) from "client 1" (192,168.2.0) we get "request timed out." or "destination unreachable".

-we can successfully ping both interfaces of the router from client 1....but anything behind the switch does not ping and vice versa. If we try from the 192.168.2.0 we get both router interfaces but cant ping client 1.

What am I missing?