cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

Hi all,

My goal is to setup McAfee Web Gataway as a proxy and my own external ICAP server that shall only receive ICAP respmod questions. It does not work at all.

Ok, I am using Wireshark to see the traffic between my ICAP server and the MWG and yes I see the options request from the MWG and it seems to work, my ICAP server are answer to them.

The Options request from MWG is coming every 10 sec.

I wonder if there are some documents regarding to setup an external ICAP server and using MWG as an ICAP client?

I have MWG 7 VMware installation.

I have imported the rule set from library for ICAP client and using default settings for the respmode (I have deleted the reqmod).

I get this error page when I try to reach google.se:

An internal error occured while processing your request.

URL: http://www.google.se/URL Categories: Search Engines
Current Rule ID: 18170
Current Rule Name: Call RespMod Server
Error Message: (16000) ICAP client filter error: no ICAP server available.

I do not know why there says “no ICAP server available” strange!

Can someone help me please.

Thanks

Mattias Lasu

1 Solution

Accepted Solutions
jschnell
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 10

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

Hello,

really hard to tell without an tcp dump, but from the text input: There is a '0' at the end of the OPTIONS response, which seems to be wrong there. As the encapsulated header says there isn't a body (null body) there must not be an 0 chunk to indicate the end of the response body .

Bye

Jan

View solution in original post

9 Replies
jscholte
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 10

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

It just sounds like an ICAP server is not defined or is unavailable.

Can you run a tcpdump and see what the traffis shows?

~jon

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

Hi,

Here comes the tcp dump and a whireshark dump.

TCP dump is on the MGW and the whireshark dump is between my computer that my ICAP server is installed and the MGW 7 VMWare that is also installed on my computer.

And how can I upload the files?

Thanks for the help

/Mattias Lasu

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

Okay, I shall try to explain how the traffics look like.

Between my ICAP server and the MGW the Option request look like this:

“OPTIONS icap://192.168.10.59/respmod ICAP/1.0

Host: 192.168.10.59

User-Agent: McAfee Web Gateway 7.2.0

ICAP/1.0 200 OK

Methods: RESPMOD

Service-ID: NetClean

ISTag: "SD 010001010000000"

Encapsulated: null-body=0

Max-Connections: 2000

Options-TTL: 3000

Allow: 204

Preview: 4000

Transfer-Preview: *

X-Include: X-Client-IP

Connection: close

Transfer-Ignore: asp, bat, exe, com

0”

And when I try to get an image on a web site, its look like this:

“GET /test/NetClean_Img2.jpg HTTP/1.1

Via: 1.1 192.168.79.129 (McAfee Web Gateway 7.2.0.1.0.13253)

Host: netclean.com

Accept: */*

Cookie: __utma=133485585.287898897.1337607599.1341232664.1341315056.6; __utmz=133485585.1337607599.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); SnapABugHistory=9#

Pragma: no-cache

Referer: http://netclean.com/test/net.htm

Connection: Keep-Alive

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)

Accept-Encoding: gzip, deflate

Accept-Language: sv-SE

X-Forwarded-For: 192.168.79.1

HTTP/1.1 200 OK

Content-Length: 210444

Content-Type: image/jpeg

Last-Modified: Mon, 01 Feb 2010 10:24:37 GMT

Accept-Ranges: bytes

ETag: "5c1aaac128a3ca1:fcbe7"

Server: Microsoft-IIS/6.0

X-Powered-By: ASP.NET

Date: Thu, 12 Jul 2012 06:09:19 GMT

......JFIF”

Not the hole image are coming maybe 2K.

The same images on the MGW using TCP dump looks like this:

“GET /test/NetClean_Img2.jpg HTTP/1.1

Via:HTTP/1.1 200 OK

Content-Length: 210444

C.........................................”

And the Option request on the MGW using TCP dump look like this:

“OPTIONS icap://192.168.10.59/respmod ICAP/ICAP/1.0 200 OK

Methods: RESPMOD

Service”

So why the MGW not showing the same traffic as on my real computer that’s is a question!

Thanks for the help

/Mattias Lasu

jschnell
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 10

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

Hello,

really hard to tell without an tcp dump, but from the text input: There is a '0' at the end of the OPTIONS response, which seems to be wrong there. As the encapsulated header says there isn't a body (null body) there must not be an 0 chunk to indicate the end of the response body .

Bye

Jan

View solution in original post

eelsasser
McAfee Retired
McAfee Retired
Report Inappropriate Content
Message 6 of 10

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

I also do not actually see any ICAP RESPMOD request to your ICAP server either.

The OPTIONS request is simply a heartbeat and not related to the actual ICAP connection.

When you edit a message on this forum, click the 'Use advanced editor' link and you can attach a file.

Message was edited by: eelsasser on 7/12/12 3:29:53 AM EDT
Samhan
Level 7
Report Inappropriate Content
Message 7 of 10

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

Hi,

 

May i know how to remove the last 0 chunk?

 

Thanks.

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

Thank you Jan, it was the last 0 chunk. I remove it and it all seems to work 🙂

It is strange, I have used the same ICAP server both on Bluecoat and Squid and it works fine with them but not the MGW.

Many thanks again 🙂

/Mattias Lasu

jschnell
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 9 of 10

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

Thanks for the positive feedback

Bye

Jan

Samhan
Level 7
Report Inappropriate Content
Message 10 of 10

Re: External ICAP server and MWG 7 VMware are not working, why??

Jump to solution

hi,

 

May i know how you remove the last 0 chunk?

 

Thanks.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community