cancel
Showing results for 
Search instead for 
Did you mean: 
gizmagis
Level 11

McAfee Web Gateway 7 - broadcast

Jump to solution

Hi guys,

I hope this is the right section for this question. I have MWG 7 installed as transparent router - all clients connect to it's through default gateway. On all clients I have HIPS 8 installed and under log I can see that MWG is broadcasting every second on 255.255.255.255. Can anyone explain to me what is with that broadcasting ?

Tnx

Grgor

0 Kudos
1 Solution

Accepted Solutions
asabban
Level 17

Re: McAfee Web Gateway 7 - broadcast

Jump to solution

Hi Gregor,

you can ignore them. The broadcasts are sent out through the interface which has the IP associated that you configure for the "Management IP" in the UI. In case you have only one node at all, you can probably add an IP to a NIC that is not attached to a network, and configure that IP address as the Management IP.

But this is just theory. Typically the broadcast packets should not cause any problem, so in case everything is running fine around this, I would not touch it :-)

best,

Andre

0 Kudos
5 Replies
gizmagis
Level 11

Re: McAfee Web Gateway 7 - broadcast

Jump to solution

Anybody has an answer or idea what could that be ?

Gregor

0 Kudos
asabban
Level 17

Re: McAfee Web Gateway 7 - broadcast

Jump to solution

Hi Gregor,

in cas eyou use any of the HA modes, there should be broadcast and multicast traffic. The multicast traffic is used by VRRP which is the protocol used to make sure that one of the director nodes has the "virtual IP" assigned and available for the network. This may also be present if there is only one director node.

The scanning nodes are locating themselves by sending broadcasts. If I am correct those packets should have the IP protocol "253", which is the protocol used for the load sharing communication.

Hope this helps.

Best,

Andre

0 Kudos
gizmagis
Level 11

Re: McAfee Web Gateway 7 - broadcast

Jump to solution

Hi Andre,

In this environment there is only one MWG and configured as transparent router. So if there is only one, why is "he" looking for other scanning nodes or themselves ?

And yes you are correct, I can see ip 253 and broadcasting on 255.255.255.255.

So I can safely ignore this or is it best practice to configure sth ?

Regards,
Gregor

0 Kudos
asabban
Level 17

Re: McAfee Web Gateway 7 - broadcast

Jump to solution

Hi Gregor,

you can ignore them. The broadcasts are sent out through the interface which has the IP associated that you configure for the "Management IP" in the UI. In case you have only one node at all, you can probably add an IP to a NIC that is not attached to a network, and configure that IP address as the Management IP.

But this is just theory. Typically the broadcast packets should not cause any problem, so in case everything is running fine around this, I would not touch it :-)

best,

Andre

0 Kudos
gizmagis
Level 11

Re: McAfee Web Gateway 7 - broadcast

Jump to solution

Hi Andre,

thank you for reply and explanation about broadcast. I was just curious about it cause I saw broadcast every 1 second in my HIPS log.

Thanks,

Gregor

0 Kudos