    McAfee Web-gateway with a Cisco ASA5515: stateful connection tracking


      I seem to be having an issue with a web-proxy (MWG) that is sitting past the outside interface of my ASA firewall. The web request(s) are allowed through the firewall (check) and go to the MWG. When they come back, they have the source-address of the ASA-facing interface - the connection tracking fails for the returning request and the return web traffic is denied.

      I have no experience with the MWG, nor can I even comment on its configuration, and it is under admin control of another group as it exists in another security domain.

      So, who's at fault? :-) I'm not sure what I can do on my "side" to get around this.