cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

Hi Everyone,

Hope you are all doing good during this tough time.

Is it possible to configure interfaces in MWG to handle dedicated traffic? For example interface eth0 is dedicated for handling MGMT traffic (Console) and interface eth1 is dedicated for handling data plane traffic (users web traffic, LDAP-related traffic, etc)?

 

Thanks.

 

Best regards,

Yedi

1 Solution

Accepted Solutions
mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

hello @yediaelchrist,

I did not test all of this but still answer to give you further hints and idea.

Yes this is possible on different ways. For example UI management traffic can be separated from normal user traffic via source based routing, explained in product guide here:
https://docs.mcafee.com/bundle/web-gateway-9.2.x-product-guide/page/GUID-0D45627C-C0D7-4313-AD1D-9E0...

To also split other traffic initiated by MWG like LDAP, DNS etc. you would need to configure static routes via Configuration > select appliance > Static Routes:
https://docs.mcafee.com/bundle/web-gateway-10.2.x-product-guide/page/GUID-D21E6B2A-AFEE-40D2-B723-74...

Static Routes are configured destination based. So if 1.2.3.4 is the LDAP server, configure a rule with destination 1.2.3.4 and once a connection is triggered from MWG to this destination, it will lookup the static routes table.

Normal user initiated traffic should still come in and leave on normal way (default gateway/interface) if no other networking rules are matching.

Of course, all need to be setup and tested.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

3 Replies
mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

hello @yediaelchrist,

I did not test all of this but still answer to give you further hints and idea.

Yes this is possible on different ways. For example UI management traffic can be separated from normal user traffic via source based routing, explained in product guide here:
https://docs.mcafee.com/bundle/web-gateway-9.2.x-product-guide/page/GUID-0D45627C-C0D7-4313-AD1D-9E0...

To also split other traffic initiated by MWG like LDAP, DNS etc. you would need to configure static routes via Configuration > select appliance > Static Routes:
https://docs.mcafee.com/bundle/web-gateway-10.2.x-product-guide/page/GUID-D21E6B2A-AFEE-40D2-B723-74...

Static Routes are configured destination based. So if 1.2.3.4 is the LDAP server, configure a rule with destination 1.2.3.4 and once a connection is triggered from MWG to this destination, it will lookup the static routes table.

Normal user initiated traffic should still come in and leave on normal way (default gateway/interface) if no other networking rules are matching.

Of course, all need to be setup and tested.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

Re: Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

Hi Marcel,

Thanks a lot for your detailed explanation, I will try to test this on our local lab first and update you accordingly.

For this matter, I will mark your comment as the solution.
Thanks a lot!

Best regards,
Yedi

Former Member
Not applicable
Report Inappropriate Content
Message 4 of 4

Re: Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

can you help me? How to Block Entire Countries from Accessing Your Website? 

 

@ geometry dash

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community