I'm trying to migrate over to Web Gateway Cloud Services/Cloud ePO and not sure where I need to go next. Here's what we currently have:
On-Prem ePO - we are going to continue using this
Previously we were using mcafeesaas.com portal and Directory Services Connector (DSC). Now DSC is no longer support with our version of ePO
McAfee Client Proxy
Here is what I have done so far:
Signed up for ePO cloud at manage.mcafee.com
Synced our backup MWG (as a test) to the ePO cloud. I have verified that it's syncing properly in the ePO Cloud > Policy Management
I created a test MCP policy on our On-Prem ePO. I changed the Proxy servers to our new SaaS address using our new Cstomer ID from Cloud ePO
Applied the test MCP policy to my test machine.
I am not getting filtered. I am not getting blocked and I'm not showing a SaaS IP at whatismyip.com
What am I missing for my test?
In the MCP policy, did you upload the shared secret? Also, if you look at the About dialog for MCP does it show as redirecting?
In ePO Cloud, you will need to Export the MCP Customer Credentials:
Then import them into your ePO on-premise:
You can find MCP About, from the Start menu by typing MCP:
It's important to keep in mind that just because you have "your" proxy set (c1111111.saasprotection.com), it doesn't mean you get filtered by your policy. The customer credentials are what route your requests to the correct policy.
In your case it doesnt sound like your even getting filtered though, so something else might be going on -- I'm hoping the About dialog will help.
Thanks for the Response Jon!
I just exported my shared password to be sure it was done. I'm still not having any luck.
The About MCP shows:
Connection Status: No connectivity
Status: No redirection
Everything else seems to be accurate and up to date.
Can you telnet to the proxy (i.e. establish a connection)?
telnet c111111.saasprotection.com 8080
telnet c111111.saasprotection.com 80
Do you have MCP set to "Always redirect" or "Redirect When"? You'll want "Always redirect" for testing.
If MCP cannot reach the proxy, it wont redirect (like if your firewall is blocking 8080 connections) -- based on the message "No connectivity" thats what it sounds like.
could you also let us know which version of MCP you are using? As John already mentioned at the moment your issues is a connectivity issue to the cloud proxys. Depending on the Version of MCP it is also possible that the captive portal check is failing. If this check is failing MCP will switch to No connectivity and will not redirect traffic.