Since it seems to be a popular series I wanted to consolidate links to all my TMG Publishing articles.
As you may know they are designed to be a very simple walkthrough to get you started, the in no way cover every scenario but it should be enough to get you started.Then once you have it working, backup the config and tweak to your hearts content :), Have fun securing exchange.
Inter NIC = IP: ISP assigned Gateway: ISP assigned, DNS: null
Getting Started Wizard
Configure Network Settings
Be sure to add the additional route for the LAN network behind the back-end server. This also adds the internal LAN network to the Internal Network object(networking\networks), and adds a static route for the Internal network as well (Networking\routing tab)
In my case I have a dynamic IP in my lab, but this would be your ISP provided IP
At this point you should have routing connectivity to the domain.
Configure System Settings
I make sure mine is connected to the domain (just makes permissions easier) You can join the domain here
Define Deployment options
This is a preference but for this Lab I disable all updates or NIS updates
Remote Access Wizard (again preference But I limit config as this is a publishing lab not client access)
This one can make troubleshooting difficult if configured any other way