| From: Kurt Buff | Sent: Monday, November 14, 2011 9:55 PM Thanks Kurt
| Not odd at all. Pretty standard. Well, we've gone through 4 ISP's over the last 11 years, and they always give me a /248 IP. Granted, they route upstream very similar, but I never have to supply the router beyond the router that supports my /248. | Yup. Pretty standard. I assume that the Adtran is the ISP's box that is | at your site. Correct, it only gives out the one IP. I think I said 'level' and I meant 'layer'. | First, though, you haven't described the rest of your environment. | What else will this speedy interface be serving? Is this link *only* for | your web servers, or does it serve the rest of your organization? A few mail servers, some other services (VPN), etc., as well as the rest of the organization, yes. I can handle that fine with TMG, it's the routing outside my router that has me a bit stumped. | So, you might want to strategise a bit regarding how you treat those | four public IP addresses. Ask yourself questions, such as: Those are good questions - I've got that part handled more or less. Excellent writeup - I'll consider those points. | Regardless, the simplest way to do what you want is to acquire two boxes | that can support this. Right, I was hoping to avoid buying another box ... if the Layer 3 switch can do the routing. I don't need to do any filtering or firewall outside of the 5 IP's I get on the /248 subnet, just the routing. TMG gets upset if you try to define a 'virtual' IP subset, i.e. one not bound to an adapter. == John == John Gwinner | Director of Technology DAZSI /Oracle Business Applications 310.640.1300 (office) | 310.640.9900 (fax) 880 Apollo Street - Ste. 201 | El Segundo CA 90245 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
