The Forefront Threat Management Gateway is an excellent solution for edge security; however, working with the Gateway at home is a bit more of a challenge. At home I have both DSL and Cable, so using TMG enables me to load balance internet traffic across both.
But here's the problem: the ISP Redundancy feature within TMG requires a static IP address and DNS entries. Most residential/mass-market ISPs make it very challenging to get a static IP address now.
So here's a handy script to update your ISP redundancy gateway settings if you're using multiple ISPs providing DHCP addressing. In this example I've named my external network adapters "DSL" and "Cable" for easy reference and set this script to run as a scheduled task on the TMG server:
# Connect to the TMG COM object model and locate the ISP Redundancy
# settings of the "External" network
$root      = New-Object -ComObject "FPC.Root"
$isaArray  = $root.GetContainingArray()
$networks  = $isaArray.NetworkConfiguration.Networks
$External  = $networks | ? {$_.Name -eq "External"}
$IspConfig = $External.IspRedundancyConfig
$ISPs      = $IspConfig.Isps
$Cable     = $ISPs | ? {$_.Name -eq "Cable"}
$DSL       = $ISPs | ? {$_.Name -eq "DSL"}

# Default gateway currently assigned by DHCP to the "Cable" adapter
$CableGateway = (netsh interface ip show address "Cable" |
    Select-String "Default Gateway") -replace '^[^\d]+'

# Update TMG only when netsh reported a gateway and it differs from the
# stored one (an adapter without a lease must not blank the setting)
If ($CableGateway -and ($Cable.GatewayIPAddress -ne $CableGateway))
{
    $Cable.GatewayIPAddress = $CableGateway
    $Cable.Save()
}

# Same check for the "DSL" adapter
$DSLGateway = (netsh interface ip show address "DSL" |
    Select-String "Default Gateway") -replace '^[^\d]+'

If ($DSLGateway -and ($DSL.GatewayIPAddress -ne $DSLGateway))
{
    $DSL.GatewayIPAddress = $DSLGateway
    $DSL.Save()
}
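
The script takes the gateway value from the text that netsh prints. The following added example (not part of the original post) shows one way to check that the value is a well-formed IPv4 address before it is written to the TMG configuration; the function name Get-GatewayFromNetsh is hypothetical, and the two netsh outputs are constructed samples using documentation-range addresses.

```powershell
# Hypothetical helper (not part of the original script): extract and validate
# the default gateway from the output of "netsh interface ip show address".
function Get-GatewayFromNetsh {
    param([string[]]$NetshOutput)

    foreach ($line in $NetshOutput) {
        # Only the "Default Gateway" line is of interest
        if ($line -notmatch 'Default Gateway') { continue }

        # Same idea as the original -replace: drop everything before the first digit
        $candidate = ($line -replace '^[^\d]+').Trim()

        # Require a dotted quad, then let .NET check the octet ranges
        $parsed = $null
        if (($candidate -match '^\d{1,3}(\.\d{1,3}){3}$') -and
            [System.Net.IPAddress]::TryParse($candidate, [ref]$parsed) -and
            ($candidate -ne '0.0.0.0')) {
            return $candidate
        }
    }
    return $null   # no usable gateway: the caller should leave TMG untouched
}

# Constructed sample: adapter holding a DHCP lease
$sampleLeased = @(
    'Configuration for interface "Cable"',
    '    DHCP enabled:                         Yes',
    '    IP Address:                           203.0.113.25',
    '    Default Gateway:                      203.0.113.1',
    '    Gateway Metric:                       0'
)

# Constructed sample: adapter with no lease, so no gateway line is printed
$sampleNoLease = @(
    'Configuration for interface "DSL"',
    '    DHCP enabled:                         Yes',
    '    InterfaceMetric:                      20'
)

# Constructed sample: gateway line with an out-of-range octet
$sampleBad = @('    Default Gateway:                      203.0.113.999')

foreach ($sample in @($sampleLeased, $sampleNoLease, $sampleBad)) {
    $gw = Get-GatewayFromNetsh $sample
    if ($gw) { "Gateway accepted: $gw" } else { "No valid gateway, skipping update" }
}
```

On the TMG server the function would be called with the live output, for example Get-GatewayFromNetsh (netsh interface ip show address "Cable"), and the result compared with GatewayIPAddress before calling Save().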