Windows Mobile In Your Server Room

Every once in a while something neat comes along. Microsoft just released Beta 2 of ForeFront TMG – or the next version of ISA Server as it’s also known. There’s still the “old” features of ISA acting as a firewall and router in addition to some new features, and integrating itself in the ForeFront family of products. Hey, you can learn a lot more about it if you visit Microsoft TechNet if you’re interested in the sales pitch 🙂

One feature in particular that I had to try out in this release is “ISP Redundancy” which lets you have two WAN interfaces, that can be configured as either a load-balancer or for failover purposes. So? We’ve had products like that for a long time. Nothing new here… Well, I realize that it’s not like they invented the wheel or anything, but it’s nice to avoid having another box in front to add redundancy. And for those of us who primarily depend on an ISA box at the edge in some of our scenarios it adds an extra touch 🙂 (Don’t you hate it when the connection to your ISP drops when you’re sitting in the couch watching YouTube…)

Now obviously we need another pipe to the Internet for this to work, and what’s better suited than your preferred mobile broadband connection as a backup link 🙂 From Windows Mobile 6.0 onwards “Internet Sharing” has been a component that let’s you easily connect your laptop (or desktop) whenever you are on the go. The beautiful thing about it is that the connection registers itself as a network interface on your computer and acts as a NAT router.

So, here we go:
Device setup
– I tether my device to my computer via USB.
– Fire up “Internet Sharing” on the device, and “Connect”. (Note: you must have an internet connection configured on your device before you can connect.)
– The drivers should install itself on your computer provided you have Windows Mobile Device Center (on Vista & Server 2008), and a new network interface should appear as well.
– Your device should now be “Not Connected” according to WMDC.
image

Hyper-V Setup
I’m running ForeFront TMG Beta 2 on a virtual Windows Server 2008 x64, so I have to configure a new network in Hyper-V.
image 

Add another NIC to this particular virtual server.
image

A new NIC appears on my ForeFront Server (yes, I renamed the connection).
image

If we check the settings we see that DHCP is automatically enabled and working.
image

The release notes for ForeFront states that only one of the interfaces used in a redundancy setup should have a default gateway defined. I have DHCP on both of my WAN interfaces in this lab, but decided to try it out in spite of this. If required it’s probably not a problem to reconfigure it to a static IP in the same range. (I don’t know if there’s a setting specifying which range the device provides.) I got a few errors regarding IP address conflict that might be related to this, but things were still working though.

ForeFront TMG Setup
Start up the ForeFront Console. Choosing “Networking” on the left hand, and you should have an “ISP Redundancy” tab in the right pane.
image

Go through the “Configure ISP Redundancy” Wizard:
image 

You can choose if you want failover or load-balancing. If you load-balance you can direct specific traffic through a specific link as well. We’ll choose the failover scenario.
image 

Choose your first interface. Options to set IP manually, select the adapter, and how you want link state to be determined. This connection is the one we have through our network cable – also known as the one that serves up at least a couple of megabits.
image

Then we add our super-speedy HSDPA interface.
image

We’ll specify DSL_WAN as our primary link.
image

Looks good so we hit “Finish”.
image

We’re apparently up and running with the failover.
image

I’m not able to yank the cable out of a virtual server, so to simulate this I disable the interface. I don’t know how quickly things update itself, but when refreshing the interface we see that the failover has occured.
image

If you want to force things you can run through the configuration steps again, and specifically mark a connection as active/disabled.

There are a few points to be aware of at this point however:
– ForeFront TMG is still a beta product, and although it seems to be stable there’s probably a bug or two left still.
– The release notes states that this feature should only be used in non-production environments. There might be a reason why this is stated explicitly.
– It doesn’t appear to be a failback option. I had some issues getting it to bring back the primary link. (Could also be related to the DHCP stuff.)
– I don’t know how long the WM device is able to keep “Internet Sharing” working, or if it might timeout.
– Make sure you have a good data plan with your mobile operator 🙂

I am fully aware that this solution cannot compete with “real” redundancy, and that HSDPA might not bring excessive surfing speed. But it’s a really cool thing to do with Windows Mobile nonetheless if you ask me 🙂

One thought on “Windows Mobile In Your Server Room”

Leave a Reply

Your email address will not be published. Required fields are marked *

*