Configuring networks and routing

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

This section provides information about creating networks, network rules, and how to route client requests.

Forefront TMG networks represent your corporate network topology. Generally, a network is defined for each network adapter installed and enabled on the computer. Networks that do not require associated network adapters are the Local Host network, which represents Forefront TMG, and virtual private networks.

When deployed at the edge of your network, Forefront TMG should be configured with at least two network adapters: one connected to the Forefront TMG Internal network that represents the main corporate network, and the other to the Forefront TMG External network that usually represents the Internet. The External network is defined dynamically, based on the IP address ranges of other networks. You can configure the IP address range and other properties of the Internal network. If three or more adapters are available, you can also configure the properties of one or more perimeter networks. You can configure a dial-up connection on one network only (for example, to dial up for Internet access).

After defining networks, you create network rules in order to specifically allow networks to communicate. For more information, see Defining network rules.

The following topics provide instructions on:

• Defining network rules

• Defining network adapters

• Enabling Internet Service Provider (ISP) redundancy