Forefront TMG 2010 @ Home - Multiple ISPs with DHCP

The Forefront Threat Management Gateway is an excellent solution for edge security; however, working with the Gateway at home is a bit more of a challenge. At home I have both DSL & Cable, so using TMG enables me to load balance internet traffic across both.

But here's the problem - the ISP Redundancy feature within TMG requires a static IP address and DNS entries. Most residential/mass-market ISPs make it very challenging to get a static IP address now.

So here's a handy script to update your ISP redundancy gateway settings if you're using multiple ISPs providing DHCP addressing. In this example I've named my external network adapters "DSL" & "Cable" for easy reference and set this script to run as a scheduled task on the TMG server:

# Connect to the TMG COM object model and locate the External network
$root = new-object -comobject "FPC.Root"
$isaArray = $root.GetContainingArray()
$networks = $isaarray.networkconfiguration.networks
$External = $networks | ? {$_.Name -eq "External"}

# ISP Redundancy entries, matched by the names configured in TMG
$IspConfig = $External.IspRedundancyConfig
$ISPs = $IspConfig.Isps
$Cable = $ISPs | ? {$_.Name -eq "Cable"}
$DSL = $ISPs | ? {$_.Name -eq "DSL"}

# Update the Cable entry if the DHCP-assigned default gateway has changed
If ($Cable.GatewayIPAddress -ne ((netsh interface ip show address "Cable" | `
    select-string "Default Gateway") -replace '^[^\d]+'))
{
    $Cable.GatewayIPAddress = (netsh interface ip show address "Cable" | `
        select-string "Default Gateway") -replace '^[^\d]+'
    $Cable.Save()
}

# Update the DSL entry if the DHCP-assigned default gateway has changed
If ($DSL.GatewayIPAddress -ne ((netsh interface ip show address "DSL" | `
    select-string "Default Gateway") -replace '^[^\d]+'))
{
    $DSL.GatewayIPAddress = (netsh interface ip show address "DSL" | `
        select-string "Default Gateway") -replace '^[^\d]+'
    $DSL.Save()
}
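
The script above writes whatever the netsh parse returns into the TMG configuration, including an empty string when an adapter has no DHCP lease. The following is an added example, not part of the original script: a hypothetical helper, Get-GatewayFromNetsh, that validates the parsed value first, exercised as a dry run against constructed netsh output so it never touches TMG.

```powershell
# Added example (not from the original post). Function name is hypothetical.
function Get-GatewayFromNetsh {
    # Lines as returned by: netsh interface ip show address "<adapter name>"
    param([string[]]$NetshOutput)

    # Same extraction as the script above: drop everything before the first digit.
    $candidates = @($NetshOutput | Select-String 'Default Gateway' |
        ForEach-Object { ($_.Line -replace '^[^\d]+').Trim() })

    # No lease (link down, DHCP pending) yields no "Default Gateway" line.
    # More than one line is ambiguous, so treat it as invalid as well.
    if ($candidates.Count -ne 1) { return $null }
    $gw = $candidates[0]

    # Require a dotted quad, then let .NET range-check the octets.
    if ($gw -notmatch '^\d{1,3}(\.\d{1,3}){3}$') { return $null }
    $parsed = $null
    if (-not [System.Net.IPAddress]::TryParse($gw, [ref]$parsed)) { return $null }
    if ($gw -eq '0.0.0.0') { return $null }
    return $gw
}

# Constructed sample outputs (not captured from a real system).
$leased = @(
    'Configuration for interface "Cable"',
    '    DHCP enabled:                         Yes',
    '    IP Address:                           203.0.113.25',
    '    Default Gateway:                      203.0.113.1',
    '    InterfaceMetric:                      20'
)
$noLease = @(
    'Configuration for interface "Cable"',
    '    DHCP enabled:                         Yes',
    '    InterfaceMetric:                      20'
)

# Dry run: report what would happen instead of calling Save() on the ISP entry.
foreach ($sample in @{ leased = $leased; noLease = $noLease }.GetEnumerator()) {
    $gw = Get-GatewayFromNetsh $sample.Value
    if ($gw) { "{0}: would set GatewayIPAddress to {1}" -f $sample.Key, $gw }
    else     { "{0}: no valid gateway, leaving TMG configuration unchanged" -f $sample.Key }
}
```

In the scheduled task, the same check would sit in front of each assignment so that Save() is only called when the helper returns a non-null address that differs from the stored one.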