cancel
Showing results for 
Search instead for 
Did you mean: 

MWG7 host entry does not work

Hi all,

I want to redirect www.vatican.com (which is 198.61.172.123) to www.cisco.com (which is IP 2.21.96.170).

I do this with an entry in the host file --> see file host.jpg

You can see the result in --> firefox.jpg

The trace file is here --> trace.pcap

     (10.100.106.25          mwg proxy

      10.0.14.180               my IP)

HAS ANYONE A IDEA HOW TO HANDLE THE DNS REDIRECTION ?

0 Kudos
1 Reply
asabban
Level 17

Re: MWG7 host entry does not work

Hello,

I don't think the redirection will work properly this way. The client requested http://www.vatican.com, so if you rewrite the DNS response MWG will contact the cisco web server, but it will ask for www.vatican.com. This can be seen in the dump you added:

2014-03-03 09_55_23-vsphere.securelabs.local - vSphere Client.png

On top of this www.cisco.com points to Akamai, which means it has more than one IP address and most likely the IP addresses will vary from time to time. Instead you could try a rule like this:

2014-03-03 09_53_31-McAfee _ Web Gateway - MWG7-Test-2 - 10.150.64.145.png

What it does is if the Host accessed is www.vatican.com MWG will rewrite the URL in the rule engine. When the request cycle is over MWG will perform a DNS lookup for cisco.com and contact to the right destination server. Because URL.Host has been rewritten the Host: header should also be corrected, and access works:

2014-03-03 09_59_10-Cisco Systems, Inc - Cisco.png

Best,

Andre

0 Kudos