Static NAT on Forefront TMG 2010

Static NAT refers to a one to one network address translation process and it comes in handy in a lot of scenarios where you need to assign one specific valid IP address to one of the computers inside the LAN and do not want the other computers to use that valid IP address in order to have access to the internet.

The process explained above is called Static NAT and previously was not supported on Microsoft ISA Server 2006 or any other versions of ISA but with Forefront TMG it is now possible to assign one specific IP address to a specific host inside the LAN.

Now I am going to go ahead step by step on how to create a static NAT rule on TMG. Basically when you are going to do a static NAT, you will have a server inside your LAN; so before anything you need to create a computer object for that computer or server inside your LAN. So click on Firewall Policies on the left pane and then on the right you can see all the objects already existing inside your TMG. as shown in the picture click on new and choose computer :

Give a name to your server and enter the IP address of that server inside your LAN:

Then on the left pane, click on Networking and then on the page opened click on Network Rules tab. in order to create a new rule, click on Create a Network Rule on the right:

Give your new rule a name and then choose the source computer by clicking on Add and then choosing the server which you created just now:

Click Next and then click Add again to choose your destination network and if you want to NAT that server to the internet choose External and then click Next:

On the next window choose Network Address Translation and click Next again to see the window shown in the picture below. choose the second option (Use the specified IP Address) and then from the listed IP Addresses, choose the one which you want to assign to the server:

Note that if you want that valid IP Address to be listed here, you need to add the IP Address to the external network adapter of the TMG Server and then you will see the IP Address listed here.

Then click Next and then you are done. Finish it and as you can see in this picture the rule has been created and you are all done and well.

You want to learn more? Check out my new book below and have access to great and practical tutorials and step-by-step guides all in one book:

To get more information about the book click on the book below:


Hope you liked it..


4 thoughts on “Static NAT on Forefront TMG 2010

  1. What’s Going down i am new to this, I stumbled upon this I’ve found It positively helpful and it has helped me out loads.
    I am hoping to contribute & help different customers like its aided me.
    Good job.

  2. Well I really enjoyed reading it. This information procured by you is very practical for correct planning. befeeaeddegb

Leave a Reply

Your email address will not be published. Required fields are marked *