cancel
Showing results for 
Search instead for 
Did you mean: 
pierce
Level 13

HIPS - CAG, IP filters dont seem to get picked up?

Jump to solution

Hi There,

I am trying to setup a CAG group so that unless your on the coporate network certain programs wont be able to get out.

I have a test laptop running my test policies, I have IE in the standard policy and chrome in the CAG policy (a quick refresh of google confirms whats working).

My problem is the IP filters dont seem to work. my networking team have advised me that IP is the best filter across all of our sites and LAN/Wireless.

I set up the CAG to use any connection type and the only criteria is the IP address.

I added the Range 10.115.0.0 - 10.115.255.255 and this failed, then I tried added the network 10.115.0.0/16, still nothing. Finally i just tried the individual IP of this machine and I still cant get it to pick up and kick in.

Is there something very obvious I am missing here, the guide dosnt give examples or samples of how to add details to this effectively? Im no networking or firewall guy and this has fallen into my lap to implement and its proving to be a nightmare....

thanks!

PIerce

0 Kudos
1 Solution

Accepted Solutions
metalhead
Level 12

Re: HIPS - CAG, IP filters dont seem to get picked up?

Jump to solution

You can set the firewall to debug mode in the client interface policies.

Then rerun your test and check/post the Firesvc.log from your test laptop.

0 Kudos
3 Replies
metalhead
Level 12

Re: HIPS - CAG, IP filters dont seem to get picked up?

Jump to solution

You can set the firewall to debug mode in the client interface policies.

Then rerun your test and check/post the Firesvc.log from your test laptop.

0 Kudos
pierce
Level 13

Re: HIPS - CAG, IP filters dont seem to get picked up?

Jump to solution

Thanks for the info.

I enabled debugging and found the logs.

It shows finding 2 network devices (wireless card is off). and then it shows that the CAG group is currently applied to the wired network, i have just called the CAG group ' Internal network' for now.

I re-checked everything and chrome still does not work but firefox works fine (these are the only two applications in my cag group for testing.

Im guessing chrome updated and needs new rules or something.... I can see this is going to be fun managing the firewall....

thanks very much for your help!

0 Kudos
McAfee Employee

Re: HIPS - CAG, IP filters dont seem to get picked up?

Jump to solution

Please see if this information helps.

KB65560 - Troubleshooting Host Intrusion Prevention Connection Aware Groups

PD20747 - Host Intrusion Prevention Firewall Connection-Aware Groups

0 Kudos