Connecting the world with professional
Fiber Optic Solutions

fiber optic transceiver special topic

Certificate

FCC

 

CE

 

ROHS

Guarantee

Except products belongs to Bargain Shop section, all products are warranted by SOPTO only to purchasers for resale or for use in business or original equipment manufacturer, against defects in workmanship or materials under normal use (consumables, normal tear and wear excluded) for one year after date of purchase from SOPTO, unless otherwise stated...

Return Policies

Defective products will be accepted for exchange, at our discretion, within 14 days from receipt. Buyer might be requested to return the defective products to SOPTO for verification or authorized service location, as SOPTO designated, shipping costs prepaid. .....

Applications

PCIE Server NIC card Application

  • PCI-E NIC Cards provide redundant connectivity to ensure an uninterrupted network connection.

  • PCI-E NIC Cards are ideal for VM environments with multiple operating systems, requiring shared or dedicated NICs.

  • They are specially designed for desktop PC clients, servers, and workstations with few PCI Express slots available.

 

SNS Page

  • sopto facebook
  • sopto twitter
  • sopto linkedin

How should Configure Your NIC for ISA and TMG?

 

 

Quite often I get questions about how you should configure your network cards for Microsoft ISA or Microsoft TMG server. Since there is a common misconception about this, I thought I needed to write something down about it. For the moment I will assume that you have configured your ISA/TMG server in a domain environment. Later on I might describe other scenarios where your network card configuration might differ.

 

First, let’s talk about the external network adapter. Of course, you would configure an IP address and a subnet mask right? But after that, a lot of questions start rising. Should I configure a Default gateway on this adapter? Should I configure DNS servers on this adapter?

 

First the default gateway. The default gateway is a device where traffic is forwarded to when the machine can’t find the route to the destination IP address in its own routing table. Since adding the whole Internet into a static routing table isn’t a real option, you simple use the machine’s default gateway to forward your traffic to. This is usually your ISP router. So to get back to the question if you should configure a default gateway on the external NIC, the answer is Yes.

 

10Gigabit Ethernet PCI Express 2.0 Server Adapters Card

10Gigabit Ethernet PCI Express 2.0 Server Adapters Card

 

So what about the DNS configuration on your external network interface card? Since I assume your ISA/TMG is joined to a domain, this is pretty important question. As you might know, DNS is a very important item within an Active Directory environment. Without a good working DNS environment you might run into loads of problems.

 

For example: authentication issues. So what if you configure ISP DNS servers on your external interface even if you configured DNS servers on your internal interface? There is a big chance that your ISA/TMG server might forward authentication requests to your ISP and of course they don’t know anything about your domain infrastructure. So that would be useless. Actually configuring DNS on the external interface is not necessary.

 

So to summarize, configure the following on the external network interface card:

 

  • IP address
  • Subnet mask 
  • Default Gateway

 

The image below is from a Windows 7 system but you get the idea

 

Internet Protocol Version 4

Internet Protocol Version 4

 

Ok and now we turn our attention to the internal network interface card.  Let’s skip the IP address and subnet mask topics and move on to the default gateway. First of all you can only have one default gateway on your ISA/TMG server. Actually, this is true for many devices. But wait, I just said you should configure the default gateway on your external NIC right?

 

But what if you have multiple different subnets in your internal network? What if you have subnets like 10.10.1.0/24 and 10.10.2.0/24 and 192.168.2.0/24 subnets? Well those subnets should be added on the ISA/TMG servers using static routes to your internal subnets. You can do this with the "route add" command. So no, we don’t add a default gateway on the internal network interface card.

 

Example of a persistent route add command

Example of a persistent route add command

 

But what about DNS? Remember I talked about authentication and stuff? You guessed it, you should add the internal DNS servers to your internal NIC. ISA/TMG is capable of authenticating AD users. Maybe Bob is allowed to use FTP, but Ken isn’t. These users need to be authenticated and ISA/TMG will query the DNS servers to find the AD servers. So yes, DNS is needed.

 

Ok, to summarize you should configure the follow settings on the internal NIC:

 

  • IP address
  • Subnet mask
  • Internal DNS servers

 

Well, we’re almost done. The last thing I would like to recommend to you is that you keep an eye on your network binding order. Make sure you keep your internal network on the top and your external network at the end. Anything in between should be your DMZ interfaces if you have them.

 

Oh! I almost forget to mention DMZ interfaces. The only thing you need to configure for a DMZ interface is an IP address and a subnet mask. Note, if you have multiple subnets behind the DMZ interface make sure you add static routes for it just like you may have done for the internal interface.

 

Well, this was a pretty long post but I hope that I made it clear how you should configure your network interface cards on your ISA/TMG servers!

 

By the way, Sopto supplies high quality PCI Express Cards with reasonable price specifically for network servers. For the newest quotes, please contact a Sopto representative by calling 86-755-36946668, or by sending an email to info@sopto.com. For more info, please browse our website.