locked
Which takes Precedence over the Other: NAT Address Selection / ISP Redundancy? RRS feed

  • Question

  • Hello,

    I have two ISP and I have attached to each Array Node three NICs. Two for External from each ISP and one for Internal vLANs. I have created a NAT Rules for each vLAN to be NAT-ed with each ISP. And configured ISP NLB and Failover for the same selected Address Range that belongs to both vLANs.

    Now, which takes presendece over the other when it comes to ISP Split the NAT Address Selection for each vLAN? or the ISP Redundancy that mapped for each Address Range?

    Thanks,

    Tuesday, December 14, 2010 6:42 AM

Answers

  • Hi hms,

    Thank you for the update.

    Yes, E-NAT takes precedence and will override any routing decisions make by ISP-R.

    Regards,

     


    Nick Gu - MSFT
    • Marked as answer by hms_24 Tuesday, December 21, 2010 7:56 AM
    Tuesday, December 21, 2010 5:49 AM
    Moderator
  • Hello,

    Thanks for your Answer Nick,

    I have qouted this from the link given;

    Diverting traffic to a specific ISP Link by using NAT rules:

    Set up a new network rule by clicking on the Forefront TMG console networking node and clicking on the Create a network rule. We’ll set the source and destination for the network, define it as a NAT and pick the Use selected IP addresses for each network option on the NAT Address Selection step.

    That way we make sure that the specific internal network that was defined in the source step of this rule, would only go out using the 10.50.2.212 IP

    Caveats and Troubleshooting

    Network rules override ISP redundancy settings. For example, when using Load Balancing mode, if a network rule routes specific internal subnet through ISP1, and there is a problem with ISP1’s connectivity, that specific sub network would not be routed to ISP2.

    =================

    That means, E-NAT will override ISP-R.???????????

    Thanks,

     

    • Marked as answer by hms_24 Tuesday, December 21, 2010 7:55 AM
    Tuesday, December 21, 2010 5:43 AM

All replies

  • Hi,

     

    Thank you for the post.

     

    As far as I know, you can define explicit ip addresses to be diverted through a specific link when using ISP Redundancy. For more information, please refer to this: http://blogs.technet.com/b/isablog/archive/2009/02/16/keeping-high-availability-with-forefront-tmg-s-isp-redundancy-feature.aspx

     

    Regards,


    Nick Gu - MSFT
    Tuesday, December 21, 2010 3:04 AM
    Moderator
  • Hello,

    Thanks for your Answer Nick,

    I have qouted this from the link given;

    Diverting traffic to a specific ISP Link by using NAT rules:

    Set up a new network rule by clicking on the Forefront TMG console networking node and clicking on the Create a network rule. We’ll set the source and destination for the network, define it as a NAT and pick the Use selected IP addresses for each network option on the NAT Address Selection step.

    That way we make sure that the specific internal network that was defined in the source step of this rule, would only go out using the 10.50.2.212 IP

    Caveats and Troubleshooting

    Network rules override ISP redundancy settings. For example, when using Load Balancing mode, if a network rule routes specific internal subnet through ISP1, and there is a problem with ISP1’s connectivity, that specific sub network would not be routed to ISP2.

    =================

    That means, E-NAT will override ISP-R.???????????

    Thanks,

     

    • Marked as answer by hms_24 Tuesday, December 21, 2010 7:55 AM
    Tuesday, December 21, 2010 5:43 AM
  • Hi hms,

    Thank you for the update.

    Yes, E-NAT takes precedence and will override any routing decisions make by ISP-R.

    Regards,

     


    Nick Gu - MSFT
    • Marked as answer by hms_24 Tuesday, December 21, 2010 7:56 AM
    Tuesday, December 21, 2010 5:49 AM
    Moderator