Showing results for 
Search instead for 
Did you mean: 
Level 7

Source IP on webgateway

Hello All,

I have a question regarding McAfee webgateway.

The setup is as follows: Webgateway with IP 172.16.x.x. Clients that need to access internet use this IP address as proxy

The internet proxy then routes traffic through a firewall.
My firewall sees all traffic coming in for the internet as source ip 172.16.x.x. Is there a way to configure the proxy so that when it forwards traffic, it does not send its own IP address as source IP but retains the client's IP that made the request towards the internet?


0 Kudos
2 Replies
Level 14

Re: Source IP on webgateway

Hi ,

the source IP for your firewall cannot be changed. Because, if you change this value how the TCP packets from your firewall should be sent to your proxy back. :-)

Many firewall are able to extract the x-forwarded-for header from a HTTP request.


0 Kudos
McAfee Employee

Re: Source IP on webgateway

Hi Rsan,

This is actually possible using IP spoofing. This is supported in most all modes MWG is deployed (proxy/transparent router/bridge, etc).

IP spoofing though usually requires that the network accommodate this. I never recommend just turning this on.. google "Asynchronous routing".

With IP spoofing, traffic must take the same path back into the network as it did on the way out (synchronous routing).

Best Regards,


0 Kudos