2 Replies Latest reply on Aug 10, 2017 9:54 AM by johnaldridge

    Mcafee Web Gateway Management IP Configuration

    g.shubladze@socar.ge

      Hello,

       

      i have an issue with my Web management IP address.

       

      I have 3 IP addresses for McAfee Web Gateway: 1) For Proxy, 2) For Internet, 3) For Management.

       

      I have configure static routes from my local vlan to Management. But in this configuration i can't user MWG like proxy from my local vlan. If I reconfigure vlan, i have lost connection with my Web management console.

       

      How can I configure static routes properly?

        • 1. Re: Mcafee Web Gateway Management IP Configuration
          frank_enser

          Hi,

           

          without knowing your exact network and routing configuration, I think the issue here is asymmetric routing. You are connecting to IP for Proxy, but the outgoing IP packet uses the management IP because of your static route.

           

          See the product guide (here) page 52 (section "Source-based routing") for configuring the correct routing. Depending on your actual network/routing configuration, you could also try changing the Reverse Path Forwarding setting to "loose" (see KB89395).

           

          Regards,

          Frank

          • 2. Re: Mcafee Web Gateway Management IP Configuration
            johnaldridge

            We use three interfaces in the same way, though I'm not sure this is exactly what you are looking for.

             

            In testing the procedure to re-image an appliance, I found that the default gateway we set when all three interfaces are configured won't work in the initial re-imaging.

             

            So:

            1. In re-imaging, I setup a reachable interface with its IP address and the default gateway for that sub-net.
            2. Once, I can get to the GUI, I then manually set the static routes (all nine of them--ouch), but don't save yet.
            3. Then set the correct settings for all of the interfaces, and save.
            4. You'll have to re-connect to the GUI.