locked
Network Template selections greyed-out in getting started wizard!

    Question

  • Help! I have two NICs and my network topology is "Back Firewall" (external NIC connects to a DMZ F/W). The TMG setup wizard is giving me no choice with the options greyed out and "Edge Firewall" selected for me. None of the TMG services have started and I see no way to enable the other network topology options. I made certain that in my adapter binding order, my internal NIC is 1st. This is really strange because this is my 2nd time installing on the same server with the same NICS and environment and for some unknown reason it seems to want to only give me the Edge Firewall choice.

    Can anyone shed insight on how to correct this. I'm on Windows 2008 R2 and ForeFront 2010 Enterprise ed.

    Thanks in advance

       

    Thursday, May 27, 2010 12:16 AM

Answers

  • Hi,

     

    As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’.

     

    If the issue still persists and you want to return to this question, please reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.

     

    Regards,


    Nick Gu - MSFT
    Thursday, June 03, 2010 2:49 AM
    Moderator

All replies

  • Edge firewall will be fine; you can also amend the choice (by making manual changes) of by running the GSW (before joining an array) after installation if you wish.

    I always tend to use Edge Firewall for that type of topology (DMZ=>LAN bridging) and amend rules as necessary if needed...I think the back firewall is more appropriate when it is "in-line" behind another edge firewall, but I don't think the templates differ greatly...

    Not sure how relevant this old ISA Server 2006 article is, but I haven't seen an updated one for TMG with as much detail:

    http://technet.microsoft.com/en-us/library/bb794774.aspx

    Cheers

    JJ 


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Thursday, May 27, 2010 11:00 AM
  • Thanks for your reply Jason. Even if acceptiing (the) "Edge Firewall" option is technically okay vs. "Back Firewall", I immediately ran into the next issue which was: "Network adapters not detected" - really strange!

    I accidentally solved both issues doing nothing more than connecting the designated ILo-RIB adapter (HP server hardware) which somehow magically enabled all Network Topology menu choices in the GSW except "single adapter" (which makes sense) ...upon connecting remotely over the ILo interface. Technically, the ILo port is a 3rd NIC (interface) but what's the correlation to the 2 other "undetected" onboaed NICs? It sounds like a bug in FTMG since I could already connect to my Domain on the internal NIC and get out to the Net on the External. So the NICs were working and routing my traffic prior to connecting the last interface (ILo) but that was the only change I made. Did I mention that was pretty strange? In any case I'm up and running now - thanks for the link.

    Thursday, May 27, 2010 9:13 PM
  • Weird...I have seen a few people on here with TMG deployments that show "Network adapters not detected".

    I always thought that the iLO cards were "out of band" and hence not seen by the OS????


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Friday, May 28, 2010 2:39 PM
  • Hi AD_Guy,

    Just wanted to know , initially when you were trying to run GS Wizard, was it via RDP Session?

    Thanks,

    Junaid

    Sunday, May 30, 2010 6:16 PM
  • Hi AD_Guy,

    Do you have any update about this issue?

    Regards,


    Nick Gu - MSFT
    Wednesday, June 02, 2010 8:01 AM
    Moderator
  • Hi,

     

    As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’.

     

    If the issue still persists and you want to return to this question, please reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.

     

    Regards,


    Nick Gu - MSFT
    Thursday, June 03, 2010 2:49 AM
    Moderator