cancel
Showing results for 
Search instead for 
Did you mean: 

Network Interfaces

If we have two network interfaces setup in MWG, is it possible to direct traffic out a specific interface given their source IP address?  The reason for this is that we have multiple ISPs and prior to the MWG we were sending traffic from certain networks out one pipe and then everything else out a different pipe.  I don't know if anyone has run into this yet or if it's possible in explicit proxy mode.  We're running version 7.3.0.2.0 if that matters...upgrade to the latest version is on the to-do list over the next two weeks.

Thanks,

Trevor

1 Reply
McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: Network Interfaces

Hi Trevor,

I havent seen this done, this would be considered policy based routing being done ON the MWG.

If you have a device upstream from the MWG that can split things based on source IP, then you could enable IP spoofing on the MWG (that way all the traffic would retain the original source address), BUT you'd have you make sure your network is good to do this in. When IP spoofing is introduced asynchronous routes can cause split path issues (syn goes out one path, syn ack comes back another).

Best,

jon

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support

    • Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center