5 Replies Latest reply on Sep 19, 2011 7:29 AM by gizmagis

    McAfee Web Gateway 7 - broadcast

    gizmagis

      Hi guys,

       

      I hope this is the right section for this question. I have MWG 7 installed as transparent router - all clients connect to it's through default gateway. On all clients I have HIPS 8 installed and under log I can see that MWG is broadcasting every second on 255.255.255.255. Can anyone explain to me what is with that broadcasting ?

       

      Tnx

      Grgor

        • 1. Re: McAfee Web Gateway 7 - broadcast
          gizmagis

          Anybody has an answer or idea what could that be ?

           

          Gregor

          • 2. Re: McAfee Web Gateway 7 - broadcast
            asabban

            Hi Gregor,

             

            in cas eyou use any of the HA modes, there should be broadcast and multicast traffic. The multicast traffic is used by VRRP which is the protocol used to make sure that one of the director nodes has the "virtual IP" assigned and available for the network. This may also be present if there is only one director node.

             

            The scanning nodes are locating themselves by sending broadcasts. If I am correct those packets should have the IP protocol "253", which is the protocol used for the load sharing communication.

             

            Hope this helps.

             

            Best,

            Andre

            • 3. Re: McAfee Web Gateway 7 - broadcast
              gizmagis

              Hi Andre,

               

              In this environment there is only one MWG and configured as transparent router. So if there is only one, why is "he" looking for other scanning nodes or themselves ?

              And yes you are correct, I can see ip 253 and broadcasting on 255.255.255.255.

               

              So I can safely ignore this or is it best practice to configure sth ?

               

              Regards,
              Gregor

              • 4. Re: McAfee Web Gateway 7 - broadcast
                asabban

                Hi Gregor,

                 

                you can ignore them. The broadcasts are sent out through the interface which has the IP associated that you configure for the "Management IP" in the UI. In case you have only one node at all, you can probably add an IP to a NIC that is not attached to a network, and configure that IP address as the Management IP.

                 

                But this is just theory. Typically the broadcast packets should not cause any problem, so in case everything is running fine around this, I would not touch it :-)

                 

                best,

                Andre

                • 5. Re: McAfee Web Gateway 7 - broadcast
                  gizmagis

                  Hi Andre,

                   

                  thank you for reply and explanation about broadcast. I was just curious about it cause I saw broadcast every 1 second in my HIPS log.

                   

                  Thanks,

                  Gregor