8 Replies Latest reply on Jul 13, 2017 2:53 AM by snoehler

    Cannot connect appliance

    zapazka

      I have configured MWG.

      I turned off interface 'eth1'(configured) in 'settings' and saved. Now I cannot connect applience.

      External managment switched off.

      How to turn interface on with CLI and root?

       

      Thanks

        • 1. Re: Cannot connect appliance
          snoehler

          Hey,

           

          If eth1 is configured on the web gateway you should be able to bring it up again using ifup eth1 on the CLI. But keep in mind that all changes made via CLI are only present until you reboot the appliance.
          To keep the changes you would need to do these on the UI.

           

          ~sno

          1 of 1 people found this helpful
          • 2. Re: Cannot connect appliance
            zapazka

            thank you.

            eth1 is up. I see configuration in CLI.

             

            But, I can not connect to the appliance. Maybe this is a similar situation in the link below. And I need to change network configuration file in mwg.

            McAfee Corporate KB - KB69084

            How to do it? Is it real?

            PS: I do not have backup files of configure.

            • 3. Re: Cannot connect appliance
              zapazka

              or

              The manage web-appliance was turned off for mgw external ip-adress. How to turn the manage web-appliance on that?(CLI and root)

              • 4. Re: Cannot connect appliance
                snoehler

                Hi,

                 

                Could you be a bit more specific?
                What does "I can not connect to the appliance" mean?


                Are you able to connect using SSH? (or only VMWare console)
                What happens when you try to access the UI? Do you face any error message?

                Do you only have this appliance? Or do you have multiple appliances, if so; are they configured in a central management?

                 

                 

                Best,

                 

                ~sno

                • 5. Re: Cannot connect appliance
                  zapazka

                  Hi

                  My hardware is MFE Web Gateway 5000 Appl-B, web version is 7.6.2.5.

                  Now I do my actions with 'phisical access' by my server.

                  In the MWG UI, then I had navigate to Configuration -> Appliances -> Network Interfaces, I had selected the eth1 interface and have unchecked mark off and had saved.

                  I need change configure file that to do check mark for eth1.(using no UI, only CLI)

                   

                  Thanks

                  • 6. Re: Cannot connect appliance
                    snoehler

                    Hi,

                     

                    You should have a second interface that's still up that you can use to connect to the UI. The Web Gateway will not let you save the configuration when you only have one interface and try to disable this.

                     

                    But in case you cannot use that interface for some reason (network restrictions or whatever) you may consider to revert the current active configuration back to the second newest in order to revert the interface changes.

                     

                    -To check the current active:
                    # cat /opt/mwg/storage/active_configuration

                     

                    - All configurations are located in "/opt/mwg/storage/default", find the one with the second newest timestampt (since the newest will be the active one)
                    # ls -tr /opt/mwg/storage/default

                     

                    - Or if you are lazy and do not want to look for the second newest/correct configuration yourself, run the following command which will show you the second newest configuration:

                    # ls -tr /opt/mwg/storage/default -I '*.hash' | tail -2 | head -n 1

                     

                    - Make the second newest configuration the active one. Do not forget to replace *CONFIG* with the correct configuration name
                    # /opt/mwg/bin/mwg-coordinator -F 'file:in=*CONFIG*

                     

                    ~sno

                     



                    • 7. Re: Cannot connect appliance
                      johnaldridge

                      This procedure to revert a configuration was something I was going to lookup, so I thought I'd chime in for details.

                       

                      Can you clarify regarding the command:

                       

                      /opt/mwg/bin/mwg-coordinator -F ...

                       

                      Is that run when the mwg-coordinator daemon is stopped--as a "startup", or can this be run while the daemon is already running?  Are there any other steps that are worth including?  And, is there a larger discussion/reference for this?

                      • 8. Re: Cannot connect appliance
                        snoehler

                        Well, in the KB Article to reset the admin ui password it's written down that the services should be stopped. But when I do it that way, the active configuration will be overwritten again for some reason. So usually I do it while every service is up and running, for me this is working fine.
                        I don't think that there is a real discussion or any KB article about this, at least not that I am aware of