DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Advice on running firewall behind draytek

07 Oct 2010 08:12 #1 by xandrika
Hi all,

I've the following setup:

1x Cisco 877 ADSL Router
Public IP: 212.9.28.xxx
Private IP: 10.0.10.1

1x Draytek 3100 SDSL Router
Public IP: 212.9.28.xxx
Public IP Range: 87.xxx.74.216/29
Private IP: 10.0.20.1

1x Forefront TMG 2010 (In Wan Load Balancing mode) 3x NIC
NIC1: Connected to Internal Network (192.168.0.0/24)
NIC2: Connected to Draytek SDSL (IP: 10.0.20.215)
NIC3: Connected to Cisco ADSL (IP: 10.0.10.254)

Basically, I host all of my internet services over the Draytek, so SMTP, FTP, websites etc. are all accessible through either the main public IP (212.9.28.xxx) or one of the IPs in our range of (87.244.74.xxx/29).
I think this is causing me massive issues with LAN-to-LAN VPNs.

Currently on the Draytek I have WAN IP Alias set up, and in NAT > DMZ I am forwarding each of my public IPs through to a private IP bound to NIC2.

DMZ Setup is as follows:
DMZ 1 - 212.9.28.xxx -> 10.0.20.215
DMZ 2 - 87.xxx.74.216 -> 10.0.20.216
DMZ 3 - 87.xxx.74.217 -> 10.0.20.217

and so on, so on...

I think this is causing me problems with double NATting. I am unable to initiate a VPN tunnel between a remote site running either a Draytek 2600 or a Draytek 2920.

What I would like to do is give NIC2 ALL of my external IPs. I want all my traffic from my main 212.9.28.xxx IP and my IP range 87.xxx.74.216/29 to be passed directly through and assigned to NIC2.

I am not asking for the info on how to do it for the Cisco, I will deal with that at a later date, but I think I would save myself from hours and hours of configuration troubleshooting if I didn't have these DMZ redirections in place. It would make it easier to diagnose issues etc.

Can anyone tell me how I would go about giving NIC2 on Forefront TMG all of my external IPs?

Thanks, hope you can help.

Kind regards.
David

07 Oct 2010 20:32 #2 by groov
Replied by groov on topic Advice on running firewall behind draytek
Are you using firmware 3.3.4 or 3.3.4.1?

If so, read my message about the same issue as yours but with different services: http://www.forum.draytek.co.uk/viewtopic.php?t=14908
If you are using one of the above firmwares, try 3.3.3 instead, then see if VPN works.

Please report your findings.

08 Oct 2010 09:39 #3 by xandrika
Replied by xandrika on topic Advice on running firewall behind draytek
Hi Groov,

Thanks for the reply. Not sure if you missed it, but I'm using a Vigor 3100; I am using firmware v2.8.3.

I decided to scrap the whole idea of multi-NAT. I decided to assign my /29 subnet to the 2nd IP DHCP server and assigned them all directly to my Forefront server.

I've managed to get my VPNs connecting, but I'm having problems with return routing now. At least the tunnels are terminating!

Cheers

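The two addressing layouts discussed in this thread, the WAN IP alias plus one-to-one NAT > DMZ mappings from the first post and the /29 handed straight to the firewall NIC from the third, as an added example that is not part of the original posts and not DrayTek's or Microsoft's own tooling. It checks a DMZ table for the things that bite in practice (a network or broadcast address of the block used as a host, duplicate or off-link inside addresses, and the double NAT that any RFC 1918 inside address implies) and then computes the routed alternative. All addresses are constructed from the RFC 5737 documentation ranges rather than the poster's, and the assumption that the router keeps the first usable address of the routed block as its gateway is mine, not something the thread states.

```python
"""Addressing-plan checker for a firewall sitting behind a DrayTek router.

Added example, not code from the original thread or from DrayTek.  It models
the two layouts discussed: (a) WAN IP alias plus NAT > DMZ one-to-one
mappings onto the firewall's outer NIC, and (b) the public /29 routed straight
onto that NIC via the router's second-subnet feature.  All addresses are
constructed from the RFC 5737 documentation ranges, not the poster's.
"""
import ipaddress
from dataclasses import dataclass

# Constructed stand-ins for the poster's addresses.
ROUTER_WAN_IP = "198.51.100.10"          # single WAN address on the SDSL line
PUBLIC_BLOCK = "203.0.113.216/29"        # routed /29 from the ISP
TRANSIT_NET = "10.0.20.0/24"             # router LAN <-> firewall NIC2 link

# Layout (a): a DMZ table in the poster's shape, one public address per
# private address on the transit net (constructed values).
DMZ_MAPPINGS = {
    "198.51.100.10": "10.0.20.215",
    "203.0.113.216": "10.0.20.216",      # first address of the /29
    "203.0.113.217": "10.0.20.217",
}


@dataclass(frozen=True)
class Finding:
    public_ip: str
    message: str


def check_dmz_plan(mappings, wan_ip=ROUTER_WAN_IP, block=PUBLIC_BLOCK,
                   transit=TRANSIT_NET):
    """Validate a one-to-one DMZ table and report why it is double NAT.

    Returns a list of Finding objects.  With RFC 1918 inside addresses the
    list is never empty: every mapping is flagged as a second NAT layer."""
    wan = ipaddress.ip_address(wan_ip)
    blk = ipaddress.ip_network(block)
    tr = ipaddress.ip_network(transit)
    findings = []
    inside_seen = {}
    for pub, priv in mappings.items():
        p, q = ipaddress.ip_address(pub), ipaddress.ip_address(priv)
        if p != wan and p not in blk:
            findings.append(Finding(pub, "not the WAN IP and not inside the routed block"))
        elif p in (blk.network_address, blk.broadcast_address):
            findings.append(Finding(pub, "network/broadcast address of the block, not a usable host"))
        if q not in tr:
            findings.append(Finding(pub, f"inside address {priv} is off the transit net {tr}"))
        if q in inside_seen:
            findings.append(Finding(pub, f"inside address {priv} already mapped from {inside_seen[q]}"))
        inside_seen[q] = pub
        if q.is_private:
            # The firewall never holds the public address itself: the router
            # translates once, and the firewall translates again for the LAN.
            findings.append(Finding(pub, "double NAT: firewall sees only the private inside address"))
    return findings


def nat_layers_to_lan(public_ip, mappings=DMZ_MAPPINGS):
    """Count NAT hops between the Internet and the LAN for one public address:
    one at the firewall (assumed to NAT the LAN in both layouts), plus one at
    the router when the address is DMZ-mapped onto a private inside address."""
    hops = 1
    inside = mappings.get(public_ip)
    if inside is not None and ipaddress.ip_address(inside).is_private:
        hops += 1
    return hops


def routed_plan(block=PUBLIC_BLOCK):
    """Layout (b): hand the whole /29 to the firewall NIC.

    Assumption (not stated in the thread): the router keeps the first usable
    address as the subnet's gateway; every other usable address sits on the
    firewall's outer NIC and is therefore a public address it really owns."""
    hosts = list(ipaddress.ip_network(block).hosts())
    return {"gateway": str(hosts[0]), "firewall_nic": [str(h) for h in hosts[1:]]}


if __name__ == "__main__":
    for f in check_dmz_plan(DMZ_MAPPINGS):
        print(f"{f.public_ip}: {f.message}")
    print(routed_plan())
```

Running it against the constructed table flags `203.0.113.216` as the network address of the /29 (so it can never be a host address on either layout) and marks all three mappings as double NAT, which is the situation the first post describes; `routed_plan()` shows the six usable addresses of the block split between the router and the firewall NIC, which is the shape of the fix the third post settled on.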
