Understanding a scenario where TMG drops the packet as spoofed even when the source IP doesn’t belong to the internal networkhttp://blogs.technet.com/b/isablog/archive/2010/08/18/understanding-a-scenario-where-tmg-drops-the-packet-as-spoofed-even-when-the-source-ip-doesn-t-belong-to-the-internal-network.aspx1. Introduction The core TMG behavior (which is the same on ISA) for handling spoofed packets is well known. Basically, if the IP address belongs to the internal network and it is received on the external interface, it is expected that the packet willen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)re: Understanding a scenario where TMG drops the packet as spoofed even when the source IP doesn’t belong to the internal networkhttp://blogs.technet.com/b/isablog/archive/2010/08/18/understanding-a-scenario-where-tmg-drops-the-packet-as-spoofed-even-when-the-source-ip-doesn-t-belong-to-the-internal-network.aspx#3572584Tue, 14 May 2013 14:49:20 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3572584Adedamola Ibironke<p>I had a similar issue, just created the new route and designated the gateway on the LAN card and that was it.</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3572584" width="1" height="1">re: Understanding a scenario where TMG drops the packet as spoofed even when the source IP doesn’t belong to the internal networkhttp://blogs.technet.com/b/isablog/archive/2010/08/18/understanding-a-scenario-where-tmg-drops-the-packet-as-spoofed-even-when-the-source-ip-doesn-t-belong-to-the-internal-network.aspx#3556503Tue, 05 Mar 2013 13:23:23 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3556503MaxMVP<p>I confirm Nik&#39;s case</p> <p>Our TMG has the default gateway address on the external network interface, and the route for external network as well, but this issue is still pops up.</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3556503" width="1" height="1">re: Understanding a scenario where TMG drops the packet as spoofed even when the source IP doesn’t belong to the internal networkhttp://blogs.technet.com/b/isablog/archive/2010/08/18/understanding-a-scenario-where-tmg-drops-the-packet-as-spoofed-even-when-the-source-ip-doesn-t-belong-to-the-internal-network.aspx#3498341Wed, 16 May 2012 16:47:27 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3498341Rajkumar<p>Hi Ori Yosefi,</p> <p>We are using TMG 2010 with exchange server 2003. Could you please help me to know how can I stop spoofing using TMG</p> <p>Email flow - External Email -&gt; TMG 2010 -&gt; Message Labs -&gt; Exchange Server 2003</p> <p>One of the mailbox is keep on receiving NDR from Postmaster stating the email is not delivered for the emails which was not sent by user. while investigating in Message Labs it says the emails are from TMG to Message Labs having from address as internal user and email sent to external invalid email addresses. Not sure how to find the source IP which is relaying those spoofing emails.</p> <p>How to identify the external source which is sending these kind of emails and how to stop it. Please advice.</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3498341" width="1" height="1">re: Understanding a scenario where TMG drops the packet as spoofed even when the source IP doesn’t belong to the internal networkhttp://blogs.technet.com/b/isablog/archive/2010/08/18/understanding-a-scenario-where-tmg-drops-the-packet-as-spoofed-even-when-the-source-ip-doesn-t-belong-to-the-internal-network.aspx#3488666Mon, 26 Mar 2012 19:41:51 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3488666bala<p>Thanks, does this applies also for internal scenario?</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3488666" width="1" height="1">re: Understanding a scenario where TMG drops the packet as spoofed even when the source IP doesn’t belong to the internal networkhttp://blogs.technet.com/b/isablog/archive/2010/08/18/understanding-a-scenario-where-tmg-drops-the-packet-as-spoofed-even-when-the-source-ip-doesn-t-belong-to-the-internal-network.aspx#3475216Thu, 12 Jan 2012 21:04:22 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3475216Di<p>tnx a LOT!</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3475216" width="1" height="1">re: Understanding a scenario where TMG drops the packet as spoofed even when the source IP doesn’t belong to the internal networkhttp://blogs.technet.com/b/isablog/archive/2010/08/18/understanding-a-scenario-where-tmg-drops-the-packet-as-spoofed-even-when-the-source-ip-doesn-t-belong-to-the-internal-network.aspx#3474349Sat, 07 Jan 2012 02:18:54 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3474349Nik<p>Hi, this doesn&#39;t work in my environment. I already have default gateway on my external adapter.</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3474349" width="1" height="1">re: Understanding a scenario where TMG drops the packet as spoofed even when the source IP doesn’t belong to the internal networkhttp://blogs.technet.com/b/isablog/archive/2010/08/18/understanding-a-scenario-where-tmg-drops-the-packet-as-spoofed-even-when-the-source-ip-doesn-t-belong-to-the-internal-network.aspx#3351691Wed, 25 Aug 2010 00:30:09 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3351691Anonymous<p>Is there a common scenario that will not have default gateway in the external card?</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3351691" width="1" height="1">