cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

configure transparent router mode

Dear,

I'm deploying a single Web gateway 7 with router transparent mode. But client cannot access to internet. Please see attachment and help me check the problem.

Thanks and Regards,

15 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 16

Re: configure transparent router mode

Hello,

disable IPSpoofing in the Porxy section. It won't work in your environment from what I see, as it creates an asynchronous routing.

best,

Michael

Michael Schneider
Lead Product Manager for Web Protection
(•‿•)
Highlighted
Level 7
Report Inappropriate Content
Message 3 of 16

Re: configure transparent router mode

Hi, I tried doing the same step from what he shown and what you recommend, but the users still don't have any internet connection.

Is there anything that I missed?

Highlighted
Level 12
Report Inappropriate Content
Message 4 of 16

Re: configure transparent router mode

Have solution for this? Thanks!

Highlighted

Re: configure transparent router mode

What is solution for this question?

Highlighted

Re: configure transparent router mode

If you guys went though this guide, followed michael_schneider's instruction "disable IPSpoofing in the Porxy section" and still no luck.
Please check your network part.

Best of luck.

Highlighted

Re: configure transparent router mode

Anyone found solution to the problem?

I am facing the same problem, and I can not find documentation or guidance on the subject.

My post about it in the community https://community.mcafee.com/thread/74568

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 16

Re: configure transparent router mode

Hello,

the problem you encounter might be related to a wrong configuration of any network device on MWGs path. The majority of "transparent router" problems due to the setup are caused by missing routes. It will be pretty hard to provide any guidance to get the routing fixed in you environment without having any kind of information such as network diagrams or packet captures.

As mentioned in the thread you want to start troubleshooting by looking at default gateway MWG uses. In many cases this device does not know the network MWG has routed to the default gateway and so the packets cannot go back to MWG and to the client. This is something you only see when looking into the network traffic.

If you need more specific assistance for your case please provide some more information about your network of get in touch with support.

Best,

Andre

Highlighted

Re: Re: configure transparent router mode

Ok Andre,

Thank you for the help, I'll spend more data.

I tried to solve the problem with the McAfee support more failed to yet.

[Internet] <----> 172.29.0.0/24 --- eth0 172.29.0.117 [MWG] eth1 172.30.8.4  ---- 172.30.8.0/21 ---- [Est. Client] 172.30.8.124

If:

Ping 172.30.8.124 ----> 172.30.8.4 ok

Ping 172.30.8.124 ----> 172.29.0.117 not responding

Ping 172.30.8.4 ----> 172.29.0.117 not responding

Ping 172.29.0.117 ----> Internet ok

Ping 172.20.0.117 ---> 172.30.8.4 not responding

Attach files

The catch was held simultaneously in the client station and the MWG.

Does anyone have a walkthrough transparent router impementação to see if I messed up.

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 16

Re: configure transparent router mode

Hello,

can you let me know what the default gateway is configured on MWG?

I am a little confused about this:

Ping 172.30.8.4 ----> 172.29.0.117 not responding


According do what you provided those are the IP addresses of eth0 and eth1 of the MWG. Does this mean if you SSH into MWG you cannot ping both IP addresses?


From what I saw so far it seems the packets hit MWG but MWG does not forward them. You can easily notice that for the DNS traffic... the traffic hits MWG but nothing happens. Usually you should see MWG forward that traffic to its default gateway.


So can you let me know:


- the default GW of MWG

- the value of "cat /proc/sys/net/ipv4/ip_forward" (execute via SSH on appliance)


Best,

Andre

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community