I am setting up TMG and we have two upstream proxies
192.168.72.101 for Students and Staff
192.168.72.102 for Unfiltered Access
I am just setting up TMG to handle our filtering and for the Students we would like to add in the 192.168.72.101 proxy as the web chaining rule so if it isn't filtered by our TMG it is filtered by their proxy box and would like to have staff on the filtered by us or unfiltered approach.
The way I thought about doing this is having two external networks (I have enough NICs) but when I add an external network in TMG it asks for IP addresses (the built in one doesn't). I then thought about redirecting staff through the 2nd external nic and then set up a web chain rule for that for the unfiltered proxy.
Is this possible and how do I set up the 2nd external nic in TMG?
I have a feeling that the answer was two TMG boxes, I don't think we ever found a way to hack it to the rather odd way that schools do things if using proxy chaining.
Assuming you have staff and student GPOs or VLANs why not just allow all hosts to be routed to the upstream proxy and point the hosts directly at the upstream proxy IP, as long as the TMG is the default gateway it will hit that then with the right firewalls in place bounce the request to either of the proxys.
There are currently 1 users browsing this thread. (0 members and 1 guests)