1 2 3 Previous Next 25 Replies Latest reply on Mar 24, 2015 7:27 AM by M Bagheryan M

    McAfee Web Gateway replace TMG

    smalldog

      In my network, there is a TMG firewall that make proxy and allow users to internet. Now i want to replace TMG with McAfee Web Gateway so i don't need change anything on clients. is this can? and if yes what the mode i can deploy? Thanks!

        • 1. Re: McAfee Web Gateway replace TMG
          asabban

          Hello,

           

          important to notice is what is TMG currently doing? As you stated TMG is a firewall and a proxy server, while MWG is a proxy. Is the TMG doing any firewall tasks like filtering/redirecting ports? If so MWG may not be able to provide the same service, so this needs to be clarified before removing TMG.

           

          Additionally I would deploy the same mode that TMG is currently running. If TMG is deployed in a transparent mode, I would deploy MWG in transparent mode as well. If TMG is used explicitly, you can move its IP to MWG and proxying will work.

           

          We probably need more information about the current TMG tasks. Maybe it makes sense to talk to one of our Pro Services guys about this, as they can give better instructions, while in the community we can only make some assumptions and mention some ideas :-)

           

          Best,

          Andre

          1 of 1 people found this helpful
          • 2. Re: McAfee Web Gateway replace TMG
            smalldog

            Thanks for helpful information, at the moment TMG just proxy server. In this mode have 2 interface (internal and external) and client point to this internal address to connect internet. My customer doesn't want to change anything on their network when replaced MWG. So i just need set ipaddress of MWG the same TMG and put into the current network. So maybe deploy MWG in the transparent router?

            • 3. Re: McAfee Web Gateway replace TMG
              asabban

              Hello,

               

              what does

               

              "client point to this internal address"

               

              mean? Is this internal address configured as the proxy server in the client? Or is this IP address used as a default Gateway for all internet accesses (not HTTP only)?

               

              If it is used as the default  Gateway, transparent router should be the right deployment option :-)

               

              Best,

              Andre

              • 4. Re: McAfee Web Gateway replace TMG
                smalldog

                Thanks so much, Andre!

                • 5. Re: McAfee Web Gateway replace TMG
                  smalldog

                  Hi Andre, now i will deploy transparent router mode. I will replace TMG (proxy mode). Could you help me how to config this with 2 interfaces physical (two subnet)? Thanks!

                  • 6. Re: McAfee Web Gateway replace TMG
                    asabban

                    Hello,

                     

                    I recommend to check the product guide. It contains some documentation about how to set up the transparent modes. Basically it is all about setting up the network correctly. There is not too much you need to setup on the proxy itself, besides from turning transparent router mode on and reboot.

                     

                    I believe you should be done with setting up the IP addresses and routes (if required). Both can be done from within the UI. I think the configuration should look similar to your TMG setup. Since I do not know the network, I cannot really tell you what you need to configure to get MWG up and running in transparent router mode.

                     

                    I would start with setting up the network interfaces and enable transparent router mode. Follow the instructions from the product guide (starting at Page 106).

                     

                    Best,

                    Andre

                    • 7. Re: McAfee Web Gateway replace TMG
                      smalldog

                      I stuck in Virtual IP. Do need setup this virtual ip? I just have one appliance so i think don't need setup this. Thanks Andre!

                      • 8. Re: McAfee Web Gateway replace TMG
                        asabban

                        I think you can leave it blank in this case.

                         

                        Best,

                        Andre

                        • 9. Re: McAfee Web Gateway replace TMG
                          smalldog

                          Hi, i config transparent router mode (see attach file) but still can not connect to internet. On appliance can connect to internet but from client point proxy server to appliance that didn't work. Please support me. Thanks!

                          1 2 3 Previous Next