Rob,

Glad you find the book useful...

Have you tried using a netcap tool to see if the traffic from DPM1 is reaching DPM2 and vice versa? 99 times out of 10, if nothing is obviously being blocked by TMG, it's a routing issue.

Jim

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Rob Moore
Sent: Monday, March 19, 2012 11:25 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Can't get my DPM servers to communicate over TMG-based VPN

Any idea why my two DPM servers (the primary here in the home site and the secondary at a remote site) won't communicate over my TMG VPN? I can RDP to the remote DPM server, I can ping both ways on the VPN, but when I try to get the remote DPM server to talk with the primary DPM server, the secondary DPM says the primary agent is "Unavailable."

I can't see any errors on TMG, but I may not be monitoring the right thing. I set the VPN up according to Jim's book, Microsoft Forefront Threat Management Gateway (TMG) Administrator's Companion. The VPN seems to be working.

Thanks,
Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rob Moore
Network Manager
215-241-7870
Helpdesk: 800-500-AFSC