If, for example, a host record changes in your local DNS server, Forefront TMG does not directly uses the updated DNS entry, even if you use the command ipconfig /flushdns (in an elevated cmd). This command works only for the locally logged on user. The DNS entry will only be updated until the TTL has expired (which can be found in the settings of your DNS server TMG is using). If you want TMG to use the new DNS entry directly, follow the steps below.
In the TMG 2010 Tools & Software Development Kit you can find several useful tools. One of them is DNSToolsPack. You can find it here: http://www.microsoft.com/download/en/details.aspx?id=11183
1. Download the DNSToolsPack and extract the archive. It contains a .doc file, .rtf file and DNSTools.exe.
2. Copy the DNSTools.exe to the installation directory of ForeFront TMG (by default C:\Program Files\Microsoft Forefront Threat Management Gateway).
3. Open an command prompt (with an user account which has the appropriate rights for ForeFront TMG) and type in: dnstools /c which clears the DNS cache of TMG. Every new DNS request will now use the updated DNS entry.
There are several other commands available. Just type in dnstools to see what you might need.