I'am in customer site with 3x MWG 5500 installation.
Customer have McAfee Firewall Enterprise (v 8.3.x).
Web Gateway-s are placed in McAfee Firewall Enterprise DMZ.
Ports 80 and 443 are redirected to VRRP address of proxy HA config (in MWG) using firewall option "upstream proxy" without NAT.
Everything looks OK, but I see, that onlu first Web Gateway (Primary Director) scans users traffic.
Others two Web Gateways not scan users traffic.
Question why only first MWG (primary Director) scan traffic.
Below You have screens from Proxy HA config and Firewall upstream redirect.
First MWG (MWG01) - Primary Director:
Secong MWG (MWG02) - Secondary Director:
Third MWG (MWG03) - Scanner:
MFE upstream proxy config:
Any ideas why only first MWG scan traffic?
Go to Solution.
i am not quite sure about the MFE stuff here, but for proxy HA i am missing a port redirect 9090 -> 9090 from our community here: https://community.mcafee.com/docs/DOC-4819
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center