I already posted that question as a comment somewhere on this board, but I thought nobody would see it there, so I'm asking here again (sorry):
I'd like to redirect the User Interfaces' HTTP traffic on port 4711 to HTTPS on port 4712, like I would for other web-servers, in order to restrict user access to a secured channel. How can I do that for the McAfee Webgateway-ui, do you know? It would be very cool I you did and would agree to give me a hand with that ^^
[root@[Hostname] mwg-ui]# mwg-info version
Maybe I can do it here
standard in /etc/mwg-ui/server.xml :
<Connector server="mwg-ui" URIEncoding="UTF-8" port="4712"
protocol="HTTP/1.1" SSLEnabled="true" maxThreads="500"
connectionTimeout="20000" scheme="https" secure="true" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2" SSLCipherSuite="HIGH:!aNULL:!eNULL"
maxPostSize="2048" maxSavePostSize="0" />
<Connector server="mwg-ui" URIEncoding="UTF-8" port="4711"
protocol="HTTP/1.1" maxThreads="500" connectionTimeout="20000"
redirectPort="4712" maxPostSize="2048" maxSavePostSize="0" />
as modifying of Configuration Files is not supported, i highly NOT recommend to do so. There is more simple way exists if you want to have HTTP port running on port 4711.
Please let me know if this, does help or which idea you have behind redirection and why?
here you expect URL redirect which will happens on destination server(MWG Tomcat). I know one or two customers did this in the past. Unfortunately those changes will be overwrite by any update and in addition to it wont be supported at all. This effort doesn't sounds to be beneficial to alternatively type the additional https:// in front of your URL. Just create a bookmark of it will save your time and wont make any difference in usage.
we have a model where each department can manage their own filtering rules in the company. Most of the users doing that are not IT specialists, so what they can do is very limited, they can just edit some exceptions and do simple manipulations. I want them to use a TLS-secured channel to connect to the GUI, but I really need to keep it as simple as possible for them. I use dNAT on a FW-appliance to forward port 80 to 4711 and 443 to 4712. Since browsers use default port 80, I want the users to be forwarded to port 4711, there the GUI-webserver (Apache Tomcat?) is going to HTTP-redirect them to 4712. If some of them use "https://" in the browser they're going to be forwarded directly to 4712.
Thank you, in my case I'd like to do the extra work each time we do an update, because we need to keep it as simple as possible. Please check my answer to Jacek, I explained why. Do you have a manual how to do that, by chance?
could you please add that feature to the change request list at McAfee development? 🙂 I'm a bit disappointed a Web-Pro like McAfee doesn't support that.
it is not supported as you cant do this from the official UI and changes will be overwritten while updating. For Ideas you are welcome to submit some, please follow our Product Enhancement Request process: