I've got a TMG 2010 server and I'm using it to provide a site to site VPN connection to a remote branch that is also running TMG 2010. This all works great. My issue is that after the site to site VPN comes up, in my HQ site, the IP address in the DNS entry for my TMG 2010 server changes. The HQ TMG 2010 server has an address of XXX.XXX.0.21 set as the IP address of the internal NIC. Once the site to site VPN connection comes up, the DNS entry for the HQ TMG server gets set to an address on the remote branch's subnet, so something like XXX.XXX.17.5.
Can someone explain why this is and how to fix it?
Thanks in advance,
Thank you for the post.
“Once the VPN site to site VPN connection comes up, the DNS entry for the HQ TMG server gets set to an address of on the remote branches subnet, so something like XXX.XXX.17.5.” – Do you use a fixed IP address on the HQ TMG server for the internal IP address and DNS setting? Do you mean the fixed IP address automatically changes to a remote subnet IP?
Nick Gu - MSFT
Yes, the HQ TMG has a fixed IP address. The HQ TMG server IP address isn't changing, because I can still ping the HQ TMG server by its fixed address. It is the DNS entry internally for the HQ TMG server that changes. Once the site to site VPN comes up, the DNS entry for the HQ TMG server changes to an address on the other branch's subnet. I didn't have this problem with my older ISA server, so I'm not sure what configuration change I need to make to not have the DNS entry on the HQ TMG server change.