TMG Array Network Instability (Full Version)

All Forums >> [Threat Management Gateway (TMG) 2010] >> Installation



Message


jerumball -> TMG Array Network Instability (3.Feb.2011 2:59:53 PM)

I have a new TMG 2010 array which I am trying to bring to a steady state in a development environment before putting it into production.  The 2-server, NLB array is managed by an EMS server, all of which are Win 2008R2 VMs

I have migrated my ISA 2004 EE config to the EMS server and modified many of the IP addresses so that I could have both the ISA and TMG systems running parallel.  This was very frustrating, but I finally got it working well, except for this odd problem...

Whenever I reboot one of the TMG servers, once it is pingable on the LAN, the server that was not rebooted suddenly becomes unreachable for 5-15 minutes, even though the NLB VIP address remains pingable throughout the entire process.

Can anyone offer any suggestions as I and getting very frustrated with this at this point.

Thank you.

John




tshinder -> RE: TMG Array Network Instability (9.Feb.2011 8:41:53 AM)

Hi John,

Is the NLB array not converging?

Thanks!
Tom




jerumball -> RE: TMG Array Network Instability (9.Feb.2011 9:21:18 AM)

Hi Tom,

I believe it is converging, but not sure... how can I verify this?

On another note, regarding EMS... should my EMS server have a nic configured for the same intra-array network as the TMG servers themseves?  That is how I have it set up now, but wasn't sure if that was best practice or not.  Furthermore, should I also be adding host entries on each of the servers, for each of the other servers in the array, pointing to their intra-array IP address, which is different than is what's configured in our DNS currently.  Our DNS servers currently map the TMG FQDNs to their respective internal IP addresses.

Thanks,

John




jerumball -> RE: TMG Array Network Instability (10.Feb.2011 11:28:23 AM)

Is TMG-configured NLB different that Windows 2008 NLB?

I ask because on my TMG servers, when I go into the Windows 2008 NLB Manager admin tool, it shows an internal and an external cluster for the current host only.  As far as I know, I didn;t configure any of this in this admin tool.

In my ISA2004 EE array, ISA itself handled all the NLB config.  When I look at the Windows NLB Manager tool on one of my ISa2004 EE servers, there are no clusters defined there.

Can someone please clarify the NLB config for TMG for me?
Thanks.




Page: [1]