Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
This discussion is archived
553 Views 0 Replies Latest reply: Jan 29, 2013 2:44 PM by olivierafaij RSS
olivierafaij Newcomer 1 posts since
Jan 29, 2013
Currently Being Moderated

Jan 29, 2013 2:57 PM

Agent Deployment via ePO > to Workstations behind NAT

Hi

 

I have an issue with a McAfee ePO 4.6 deployment and i can't find a suitable solution.

 

 

My problem is that i have a subnetwork (of a subsidiary that has been recently integrated) on another IP Range, which is not fully NATed.

 

 

So i have the following configuration (let's be very schematic here) :

- an ePO server in a location (datacenter). Let's say IP = 192.168.0.1.

- a server  that is on the problematic subnetwork. Let's say his NATed ip = 192.168.100.1

- on the subnetwork, the real ip = 10.0.100.1

- the subnetwork where there is the  workstations, let's say the workstations' network is : 10.0.0.0/24, (workstations have a dynamic IP > ex: wks1 = 10.0.0.1, 10.0.0.2, etc.)

 

here's an overview of the configuration :

 

 

       ePO ---------------- (192.168.100.1) NATed server (10.0.100.1)

(192.168.0.1)                                                                            /    |       \

                                                              (10.0.0.1) wks1___/      |         \____ 10.0.0.2 (wks2)

                                                                                                 10.0.0.3 (wks3)

 

 

 

 

The distant subnetwork is over WAN, so at first, i didn't want to use Agent Handler.

Also, i've seen topic where Wakup Agent call is possible, if the NATed server is a SuperAgent, which is totally possible and what i wanted to do.

But my problem is for Agent management & Agent deloyment.

 

My question is :

How can i deploy agents if workstations are dynamic & not NATed ?

From my understanding, the first deployment needs a direct connection to the ePO server.

Nevertheless, is there a way to go through the SuperAgent ? Or is the only solution i have to go through the installation of a Agent Handler on the NATed server ?

 

What would you do, guys ?

 

Oliver

 

Ce message a été modifié par: olivierafaij on 29/01/13 14:57:36 CST

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points